cobbler简介及部署

1. cobbler简介

Cobbler 是一个系统启动服务（boot server），可以通过网络启动（PXE）的方式用来快速安装、重装物理服务器和虚拟机，支持安装不同的 Linux 发行版和 Windows。该工具使用python开发，小巧轻便（才15k行代码），使用简单的命令即可完成PXE网络安装环境的配置，同时还可以管理DHCP，DNS，以及yum包镜像。

Cobbler 使用命令行方式管理，也提供了基于 Web 的界面管理工具（cobbler-web），还提供了API接口，可以方便二次开发使用。

即多安装树的pxe环境，是pxe的高级封装

Cobbler依赖：dhcp、tftp、rsync及dns

Cobbler是较早前的kickstart的升级版，优点是比较容易配置，还自带web界面比较易于管理。

Cobbler内置了一个轻量级配置管理系统，但它也支持和其它配置管理系统集成，如Puppet，暂时不支持SaltStack。

cobbler集成的服务

• PXE服务支持
• DHCP服务管理
• DNS服务管理(可选bind,dnsmasq)
• 电源管理
• Kickstart服务支持
• YUM仓库管理
• TFTP(PXE启动时需要)
• Apache(提供kickstart的安装源，并提供定制化的kickstart配置)

cobbler配置文件详解

cobbler配置文件目录在/etc/cobbler

配置文件	作用
/etc/cobbler/settings	cobbler主配置文件
/etc/cobbler/iso/	iso模板配置文件
/etc/cobbler/pxe	pxe模板配置文件
/etc/cobbler/power	电源配置文件
/etc/cobbler/user.conf	web服务授权配置文件
/etc/cobbler/users.digest	web访问的用户名密码配置文件
/etc/cobbler/dhcp.template	dhcp服务器的的配置模板
/etc/cobbler/dnsmasq.template	dns服务器的配置模板
/etc/cobbler/tftpd.template	tftp服务的配置模板
/etc/cobbler/modules.conf	模块的配置文件

cobbler数据目录

目录	作用
/var/lib/cobbler/config/	用于存放distros，system，profiles等信息配置文件
/var/lib/cobbler/triggers/	用于存放用户定义的cobbler命令
/var/lib/cobbler/kickstart/	默认存放kickstart文件
/var/lib/cobbler/loaders/	存放各种引导程序以及镜像目录
/var/www/cobbler/ks_mirror/	导入的发行版系统的所有数据
/var/www/cobbler/images/	导入发行版的kernel和initrd镜像用于远程网络启动
/var/www/cobbler/repo_mirror/	yum仓库存储目录

cobbler日志文件

日志文件路径	说明
/var/log/cobbler/installing	客户端安装日志
/var/log/cobbler/cobbler.log	cobbler日志

cobbler命令详解
cobbler check       //核对当前设置是否有问题
cobbler list        //列出所有的cobbler元素
cobbler report      //列出元素的详细信息
cobbler sync        //同步配置到数据目录,更改配置最好都要执行下
cobbler reposync    //同步yum仓库
cobbler distro      //查看导入的发行版系统信息
cobbler system      //查看添加的系统信息
cobbler profile     //查看配置信息

2. cobbler服务端单机部署

配置yum源

[root@wyt1 ~]# curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-7.repo
[root@wyt1 ~]# sed -i 's/\$releasever/7/g' /etc/yum.repos.d/CentOS-Base.repo
[root@wyt1 ~]# sed -i -e '/mirrors.cloud.aliyuncs.com/d' -e '/mirrors.aliyuncs.com/d' /etc/yum.repos.d/CentOS-Base.repo
[root@wyt1 ~]# yum -y install epel-release

安装cobbler相关软件

[root@wyt1 ~]# yum -y install httpd dhcp tftp python-ctypes cobbler  xinetd cobbler-web pykickstart net-tools

启动服务并设置开机自启

[root@wyt1 ~]# systemctl enable --now httpd
[root@wyt1 ~]# systemctl enable --now cobblerd
[root@wyt1 ~]# systemctl enable --now xinetd
[root@wyt1 ~]# ss -antl
State       Recv-Q Send-Q Local Address:Port               Peer Address:Port              
LISTEN      0      100    127.0.0.1:25                       *:*                  
LISTEN      0      5      127.0.0.1:25151                    *:*                  
LISTEN      0      128          *:22                       *:*                  
LISTEN      0      100      [::1]:25                    [::]:*                  
LISTEN      0      128       [::]:443                   [::]:*                  
LISTEN      0      128       [::]:80                    [::]:*                  
LISTEN      0      128       [::]:22                    [::]:*           

修改server的ip地址为本机ip

[root@wyt1 ~]# sed -i 's/^server: 127.0.0.1/server: 192.168.179.128/' /etc/cobbler/settings

设置tftp的ip地址为本机ip

[root@wyt1 ~]# sed -i 's/^next_server: 127.0.0.1/next_server: 192.168.179.128/' /etc/cobbler/settings

开启tftp

[root@wyt1 ~]# sed -i '/disable/s/yes/no/g' /etc/xinetd.d/tftp
[root@wyt1 ~]# vim /etc/xinetd.d/tftp

# default: off
# description: The tftp server serves files using the trivial file transfer \
#       protocol.  The tftp protocol is often used to boot diskless \
#       workstations, download configuration files to network-aware printers, \
#       and to start the installation process for some operating systems.
service tftp
{
        socket_type             = dgram
        protocol                = udp
        wait                    = yes
        user                    = root
        server                  = /usr/sbin/in.tftpd
        server_args             = -s /var/lib/tftpboot
        disable                 = no  //修改此行
        per_source              = 11
        cps                     = 100 2
        flags                   = IPv4

下载缺失文件

[root@wyt1 ~]# cobbler get-loaders
task started: 2020-07-30_111104_get_loaders
task started (id=Download Bootloader Content, time=Thu Jul 30 11:11:04 2020)
path /var/lib/cobbler/loaders/README already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.elilo already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.yaboot already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/COPYING.syslinux already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/elilo-ia64.efi already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/yaboot already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/pxelinux.0 already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/menu.c32 already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/grub-x86.efi already exists, not overwriting existing content, use --force if you wish to update
path /var/lib/cobbler/loaders/grub-x86_64.efi already exists, not overwriting existing content, use --force if you wish to update
*** TASK COMPLETE ***

启动rsync并设置开机自启

[root@wyt1 ~]# systemctl enable --now rsyncd
[root@wyt1 ~]# ss -antl|grep 873
LISTEN     0      5            *:873                      *:*                  
LISTEN     0      5         [::]:873                   [::]:* 

生成加密的密码

[root@wyt1 ~]# openssl passwd -1 -salt "$RANDOM" '123456'
$1$30823$mW29/wal2O2OYsyYLKXgp0

将新生成的加密密码加入到配置文件

[root@wyt1 ~]#  vim /etc/cobbler/settings
default_password_crypted: "$1$30823$mW29/wal2O2OYsyYLKXgp0''

重启cobbler

[root@wyt1 ~]# systemctl restart cobblerd
[root@wyt1 ~]# ss -antl
State       Recv-Q Send-Q Local Address:Port               Peer Address:Port              
LISTEN      0      100     127.0.0.1:25                          *:*                  
LISTEN      0      5       127.0.0.1:25151                       *:*                  
LISTEN      0      5               *:873                         *:*                  
LISTEN      0      128             *:22                          *:*                  
LISTEN      0      100         [::1]:25                       [::]:*                  
LISTEN      0      128          [::]:443                      [::]:*                  
LISTEN      0      5            [::]:873                      [::]:*                  
LISTEN      0      128          [::]:80                       [::]:*                  
LISTEN      0      128          [::]:22                       [::]:*      

通过cobbler check 核对当前设置是否有问题

[root@wyt1 ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : debmirror package is not installed, it will be required to manage debian deployments and repositories
2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.
//以上两个是关于debian系统的错误，可忽略

配置cobbler dhcp

修改cobbler配置文件，让cobbler控制dhcp

[root@wyt1 ~]# sed -i '/^manage_dhcp/s/0/1/g' /etc/cobbler/settings
[root@wyt1 ~]# sed -n '/^manage_dhcp/p' /etc/cobbler/settings
manage_dhcp: 1

配置dhcp