Cobbler介绍
Cobbler是一个Linux服务器安装的服务,可以通过网络启动(PXE)的方式来快速安装、重装物理服务器和虚拟机,同时还可以管理DHCP,DNS
Cobbler可以使用命令行方式管理,也提供了基于Web界面管理工具(cobbler-web),同时提供API接口用于二次开发。
Cobbler是较早前的Kickstart的升级版本,向较与Kickstart优点为更容易配置,且自带WEB界面。易于管理。
Cobbler原理
Cobbler是通过将DHCP、TFTP、DNS、HTTP等服务进行集成,创建一个中央管理节点,其可以实现的功能有配置服务,创建存储库,解压缩操作系统媒介,代理或集成一个配置管理系统,控制电源管理等。 Cobbler的最终目的是实现无需进行人工干预即可安装机器。在进行进一步的操作之前,我们有必要先了解下pxe和kickstart 。
Pxe(预执行环境)
PXE是让计算机通过网卡独立地使用数据设备(如硬盘)或者安装操作系统。PXE主要通过广播的方式发送一个包,并请求获取一个地址,而后交给TFTP程序下载一个引导文件。
Kickstart
Kickstart 是红帽开发的一种工具,我们可以简单理解为一个自动安装应答配置管理程序。通过读取这个配置文件,系统知道怎么去分区,要安装什么包,配什么IP,优化什么内核参数等等
原理视图及步骤
Cobbler安装
安装环境工具;并开启自启服务
[root@localhost ~]# yum install -y httpd dhcp tftp python-ctypes cobbler xinetd cobbler-web pykickstart epel-release
[root@localhost ~]# systemctl enable --now httpd cobblerd
修改配置文件中的IP
[root@localhost ~]# vim /etc/cobbler/settings
......
# (dual homed, etc), you need to read the --server-override section
# of the manpage for how that works.
server: 192.168.163.140 ## 修改为本地IP
......
# of the cobbler server here so that PXE booting guests can find it
# if you do not set this correctly, this will be manifested in TFTP open timeouts.
next_server: 192.168.163.140 ## tftp服务的ip地址也填写为本地IP
修改配置文件开启tftp yes改为no;
[root@localhost ~]# vim /etc/xinetd.d/tftp
......
service tftp
{
socket_type = dgram
protocol = udp
wait = yes
user = root
server = /usr/sbin/in.tftpd
server_args = -s /var/lib/tftpboot
disable = no ## 将状态修改为NO ,表示开启此服务
per_source = 11
cps = 100 2
flags = IPv4
由于是新的虚拟机,需要关闭防火墙等;并重启才能执行下一步
[root@localhost ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost ~]# vim /etc/selinux/config
[root@localhost ~]# reboot
下载cobbler相关缺失文件
[root@localhost ~]# cobbler get-loaders
......
path /var/lib/cobbler/loaders/grub-x86_64.efi already exists, not overwriting existing content, use --force if you wish to update
*** TASK COMPLETE ***
开启rsync共享服务
[root@localhost ~]# systemctl enable --now rsyncd
修改默认密码(默认密码为cobbler)
[root@localhost ~]# openssl passwd -1 -salt "$RANDOM" '123456'
$1$31883$7Ndrx.zYDONXoUZnhBoOz.
## 写入配置文件
[root@localhost ~]# vim /etc/cobbler/settings
# and put the output between the "" below.
default_password_crypted: "$1$31883$7Ndrx.zYDONXoUZnhBoOz."
## 重启服务
[root@localhost ~]# systemctl restart cobblerd
## 检查
[root@localhost ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : debmirror package is not installed, it will be required to manage debian deployments and repositories
2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
1为需要Debian的必备包,如果安装的客户机的系统没有Debian,则不需要处理。
2为电源管理的工具没有安装,如果需要电源管理则需要,如没有则忽略。
配置DHCP服务
[root@localhost ~]# vim /etc/cobbler/settings
......
# the choice of DHCP management engine is in /etc/cobbler/modules.conf
manage_dhcp: 1 # 将值改成1,即启动dhcp服务
[root@localhost ~]# vim /etc/cobbler/dhcp.template
option pxe-system-type code 93 = unsigned integer 16;
subnet 192.168.163.0 netmask 255.255.255.0 { ##本机IP网段
option routers 192.168.163.140; ## 本机IP
option domain-name-servers 192.168.163.140; ## 这次为本机IP
option subnet-mask 255.255.255.0;
range dynamic-bootp 192.168.163.10 192.168.163.20; ## 地址池
重启服务并同步配置
[root@localhost modules]# systemctl restart cobblerd
[root@localhost modules]# cobbler sync
#######中间略#######
*** TASK COMPLETE *** ###必须为这个才为成功
导入ISO系统镜像文件
挂载
[root@localhost ~]# mount /dev/cdrom /mnt
导入
[root@localhost ~]# cobbler import --path=/mnt --name=centos-7 --arch=x86_64
task started: 2020-11-24_004223_import
task started (id=Media import, time=Tue Nov 24 00:42:23 2020)
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/centos-7-x86_64:
creating new distro: centos-7-x86_64
trying symlink: /var/www/cobbler/ks_mirror/centos-7-x86_64 -> /var/www/cobbler/links/centos-7-x86_64
creating new profile: centos-7-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/centos-7-x86_64 for centos-7-x86_64
processing repo at : /var/www/cobbler/ks_mirror/centos-7-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/centos-7-x86_64
looking for /var/www/cobbler/ks_mirror/centos-7-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/centos-7-x86_64/repodata
*** TASK COMPLETE ***
查看镜像信息
[root@localhost /]# cobbler list
distros:
centos-7-x86_64
profiles:
centos-7-x86_64
systems:
repos:
images:
mgmtclasses:
packages:
files:
新建kickstart脚本文件
[root@localhost cobbler]# cat > /var/lib/cobbler/kickstarts/centos-7-x86_64.ks << 'EOF'
> auth --enableshadow --passalgo=sha512
> bootloader --location=mbr
> clearpart --all --initlabel
> part /boot --asprimary --fstype="ext4" --size=500
> part swap --fstype="swap" --size=4096
> part / --fstype="ext4" --grow --size=15000
> text
> firewall --disabled
> firstboot --disable
> keyboard us
> lang en_US
> url --url=http://172.16.12.128/cobbler/ks_mirror/rhel-7-x86_64
> $yum_repo_stanza
> reboot
>
> rootpw --iscrypted $6$2WTFvfNvAMgCUPuC$MJgWGzhakgxrRObcEbAwSe8vkz0s//xyiTllGwxRsHHruQhcskO69u2LVTU9u0eemHXH2pzcGawyAJ54R2E/x0
>
> selinux --disabled
> skipx
> timezone Asia/Shanghai --isUtc --nontp
> install
> zerombr
>
> %packages
> @^minimal
> @core
> kexec-tools
>
> %end
>
> %addon com_redhat_kdump --enable --reserve-mb='auto'
>
> %end
>
> %anaconda
> pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
> pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
> pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
> %end
> EOF
修改配置文件.改IP,镜像名字.密码(为生成的新密码)
[root@localhost kickstarts]# pwd
/var/lib/cobbler/kickstarts
[root@localhost kickstarts]# ls
default.ks rhel-7-x86_64.ks sample_esxi6.ks
esxi4-ks.cfg sample_autoyast.xml sample.ks
esxi5-ks.cfg sample_end.ks sample_old.seed
install_profiles sample_esx4.ks sample.seed
legacy.ks sample_esxi4.ks sample.seed.28
pxerescue.ks sample_esxi5.ks
[root@localhost kickstarts]# vim rhel-7-x86_64.ks
url --url=http://192.168.163.140/cobbler/ks_mirror/centos-7-x86_64
$yum_repo_stanza
reboot
#rootpw --iscrypted $6$2WTFvfNvAMgCUPuC$MJgWGzhakgxrRObcEbAwSe8vkz0s//xyiTllGwxRsHHruQhcskO69u2LVTU9u0eemHXH2pzcGawyAJ54R2E/x0
rootpw --iscrypted $6$h25cO9/sk00IpZPI$zdHHxpuA.7q55u/tk8.crg0CHUgdm5QGK3d1gdPOWdIzR4zfkAWbmzJK32OsXA8vy3Q1bE8jxBxHX/QGUcGBY0
打开另一个终端:复制密码
[root@localhost ~]# ls
anaconda-ks.cfg
[root@localhost ~]# vim anaconda-ks.cfg
rootpw --iscrypted $6$h25cO9/sk00IpZPI$zdHHxpuA.7q55u/tk8.crg0CHUgdm5QGK3d1gdPOWdIzR4zfkAWbmzJK32OsXA8vy3Q1bE8jxBxHX/QGUcGBY0
检验语法
[root@localhost ~]# cobbler validateks
*** all kickstarts seem to be ok ***
*** TASK COMPLETE ***
修改配置文件
[root@localhost kickstarts]# cobbler profile edit --name centos-7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/rhel-7-x86_64.ks ##这里注意 第一个是镜像名 第二个是文件下的名字
[root@localhost kickstarts]# cobbler profile edit --name centos-7-x86_64 --kopts='net.ifnames=0 biosdevname=0'
查看配置信息
[root@localhost ~]# cobbler profile report
Name : centos-7-x86_64
TFTP Boot Files : {}
Comment :
DHCP Tag : default
Distribution : centos-7-x86_64
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {}
Kernel Options : {'biosdevname': '0', 'net.ifnames': '0'}
Kernel Options (Post Install) : {}
Kickstart : /var/lib/cobbler/kickstarts/rhel-7-x86_64.ks
Kickstart Metadata : {}
Management Classes : []
Management Parameters : <<inherit>>
Name Servers : []
Name Servers Search Path : []
Owners : ['admin']
Parent Profile :
Internal proxy :
Red Hat Management Key : <<inherit>>
Red Hat Management Server : <<inherit>>
Repos : []
Server Override : <<inherit>>
Template Files : {}
Virt Auto Boot : 1
Virt Bridge : xenbr0
Virt CPUs : 1
Virt Disk Driver Type : raw
Virt File Size(GB) : 5
Virt Path :
Virt RAM (MB) : 512
Virt Type : kvm
同步配置文件并重启服务
[root@localhost ~]# cobbler sync
......
*** TASK COMPLETE ***
重启所有服务
[root@localhost kickstarts]# systemctl restart xinetd cobblerd httpd
[root@localhost kickstarts]# ss -antl
State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 *:22 *:*
LISTEN 0 100 127.0.0.1:25 *:*
LISTEN 0 5 127.0.0.1:25151 *:*
LISTEN 0 5 *:873 *:*
LISTEN 0 128 [::]:80 [::]:*
LISTEN 0 128 [::]:22 [::]:*
LISTEN 0 100 [::1]:25 [::]:*
LISTEN 0 128 [::]:443 [::]:*
LISTEN 0 5 [::]:873 [::]:*
客户端装机
- 网卡类型必须一致
- 内存至少2G
- 因为IP地址为动态,所以虚拟机可能不在设的192.168.163.10-20.为正常现象