Cobbler

Cobbler介绍

Cobbler是一个Linux服务器安装的服务，可以通过网络启动（PXE）的方式来快速安装、重装物理服务器和虚拟机，同时还可以管理DHCP，DNS
Cobbler可以使用命令行方式管理，也提供了基于Web界面管理工具(cobbler-web)，同时提供API接口用于二次开发。
Cobbler是较早前的Kickstart的升级版本，向较与Kickstart优点为更容易配置，且自带WEB界面。易于管理。

Cobbler原理

Cobbler是通过将DHCP、TFTP、DNS、HTTP等服务进行集成，创建一个中央管理节点，其可以实现的功能有配置服务，创建存储库，解压缩操作系统媒介，代理或集成一个配置管理系统，控制电源管理等。 Cobbler的最终目的是实现无需进行人工干预即可安装机器。在进行进一步的操作之前，我们有必要先了解下pxe和kickstart 。

Pxe（预执行环境)

PXE是让计算机通过网卡独立地使用数据设备(如硬盘)或者安装操作系统。PXE主要通过广播的方式发送一个包，并请求获取一个地址，而后交给TFTP程序下载一个引导文件。

Kickstart

Kickstart 是红帽开发的一种工具，我们可以简单理解为一个自动安装应答配置管理程序。通过读取这个配置文件，系统知道怎么去分区，要安装什么包，配什么IP，优化什么内核参数等等

原理视图及步骤

Cobbler安装

安装环境工具;并开启自启服务

[root@localhost ~]# yum install -y httpd dhcp tftp python-ctypes cobbler xinetd cobbler-web pykickstart epel-release

[root@localhost ~]# systemctl enable --now httpd cobblerd

修改配置文件中的IP

[root@localhost ~]# vim /etc/cobbler/settings
......
# (dual homed, etc), you need to read the --server-override section
# of the manpage for how that works.
server: 192.168.163.140     ## 修改为本地IP
......
# of the cobbler server here so that PXE booting guests can find it
# if you do not set this correctly, this will be manifested in TFTP open timeouts.
next_server: 192.168.163.140    ## tftp服务的ip地址也填写为本地IP

修改配置文件开启tftp yes改为no;

[root@localhost ~]# vim /etc/xinetd.d/tftp 
......
service tftp
{
        socket_type             = dgram
        protocol                = udp
        wait                    = yes
        user                    = root
        server                  = /usr/sbin/in.tftpd
        server_args             = -s /var/lib/tftpboot
        disable                 = no     ## 将状态修改为NO ，表示开启此服务
        per_source              = 11
        cps                     = 100 2
        flags                   = IPv4

由于是新的虚拟机,需要关闭防火墙等;并重启才能执行下一步

[root@localhost ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@localhost ~]# vim /etc/selinux/config 
[root@localhost ~]# reboot

下载cobbler相关缺失文件

[root@localhost ~]# cobbler get-loaders
......
path /var/lib/cobbler/loaders/grub-x86_64.efi already exists, not overwriting existing content, use --force if you wish to update
*** TASK COMPLETE ***

开启rsync共享服务

[root@localhost ~]# systemctl enable --now rsyncd

修改默认密码(默认密码为cobbler)

[root@localhost ~]# openssl passwd -1 -salt "$RANDOM" '123456'
$1$31883$7Ndrx.zYDONXoUZnhBoOz.
## 写入配置文件
[root@localhost ~]# vim /etc/cobbler/settings
# and put the output between the "" below.
default_password_crypted: "$1$31883$7Ndrx.zYDONXoUZnhBoOz."

## 重启服务
[root@localhost ~]# systemctl restart cobblerd
## 检查
[root@localhost ~]# cobbler check
The following are potential configuration items that you may want to fix:

1 : debmirror package is not installed, it will be required to manage debian deployments and repositories
2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.

1为需要Debian的必备包，如果安装的客户机的系统没有Debian,则不需要处理。

2为电源管理的工具没有安装，如果需要电源管理则需要，如没有则忽略。

配置DHCP服务

[root@localhost ~]# vim /etc/cobbler/settings 
......
# the choice of DHCP management engine is in /etc/cobbler/modules.conf
manage_dhcp: 1    # 将值改成1，即启动dhcp服务

[root@localhost ~]# vim /etc/cobbler/dhcp.template 
option pxe-system-type code 93 = unsigned integer 16;

subnet 192.168.163.0 netmask 255.255.255.0 {     ##本机IP网段
     option routers             192.168.163.140;       ## 本机IP
     option domain-name-servers 192.168.163.140;   ##  这次为本机IP
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        192.168.163.10 192.168.163.20;   ##  地址池

重启服务并同步配置

[root@localhost modules]# systemctl restart cobblerd
[root@localhost modules]# cobbler sync

#######中间略#######

*** TASK COMPLETE ***      ###必须为这个才为成功

导入ISO系统镜像文件

挂载
[root@localhost ~]# mount /dev/cdrom /mnt
导入
[root@localhost ~]# cobbler import --path=/mnt --name=centos-7 --arch=x86_64
task started: 2020-11-24_004223_import
task started (id=Media import, time=Tue Nov 24 00:42:23 2020)
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/centos-7-x86_64:
creating new distro: centos-7-x86_64
trying symlink: /var/www/cobbler/ks_mirror/centos-7-x86_64 -> /var/www/cobbler/links/centos-7-x86_64
creating new profile: centos-7-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/centos-7-x86_64 for centos-7-x86_64
processing repo at : /var/www/cobbler/ks_mirror/centos-7-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/centos-7-x86_64
looking for /var/www/cobbler/ks_mirror/centos-7-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/centos-7-x86_64/repodata
*** TASK COMPLETE ***

查看镜像信息
[root@localhost /]# cobbler list
distros:
   centos-7-x86_64

profiles:
   centos-7-x86_64

systems:

repos:

images:

mgmtclasses:

packages:

files:

新建kickstart脚本文件

[root@localhost cobbler]# cat > /var/lib/cobbler/kickstarts/centos-7-x86_64.ks << 'EOF'
> auth --enableshadow --passalgo=sha512
> bootloader --location=mbr
> clearpart --all --initlabel
> part /boot --asprimary --fstype="ext4" --size=500
> part swap --fstype="swap" --size=4096
> part / --fstype="ext4" --grow --size=15000
> text
> firewall --disabled
> firstboot --disable
> keyboard us
> lang en_US
> url --url=http://172.16.12.128/cobbler/ks_mirror/rhel-7-x86_64
> $yum_repo_stanza
> reboot
> 
> rootpw --iscrypted $6$2WTFvfNvAMgCUPuC$MJgWGzhakgxrRObcEbAwSe8vkz0s//xyiTllGwxRsHHruQhcskO69u2LVTU9u0eemHXH2pzcGawyAJ54R2E/x0
> 
> selinux --disabled
> skipx
> timezone Asia/Shanghai --isUtc --nontp
> install
> zerombr
> 
> %packages
> @^minimal
> @core
> kexec-tools
> 
> %end
> 
> %addon com_redhat_kdump --enable --reserve-mb='auto'
> 
> %end
> 
> %anaconda
> pwpolicy root --minlen=6 --minquality=1 --notstrict --nochanges --notempty
> pwpolicy user --minlen=6 --minquality=1 --notstrict --nochanges --emptyok
> pwpolicy luks --minlen=6 --minquality=1 --notstrict --nochanges --notempty
> %end
> EOF

修改配置文件.改IP,镜像名字.密码(为生成的新密码)
[root@localhost kickstarts]# pwd
/var/lib/cobbler/kickstarts
[root@localhost kickstarts]# ls
default.ks        rhel-7-x86_64.ks     sample_esxi6.ks
esxi4-ks.cfg      sample_autoyast.xml  sample.ks
esxi5-ks.cfg      sample_end.ks        sample_old.seed
install_profiles  sample_esx4.ks       sample.seed
legacy.ks         sample_esxi4.ks      sample.seed.28
pxerescue.ks      sample_esxi5.ks

[root@localhost kickstarts]# vim rhel-7-x86_64.ks 
url --url=http://192.168.163.140/cobbler/ks_mirror/centos-7-x86_64 
$yum_repo_stanza
reboot

#rootpw --iscrypted $6$2WTFvfNvAMgCUPuC$MJgWGzhakgxrRObcEbAwSe8vkz0s//xyiTllGwxRsHHruQhcskO69u2LVTU9u0eemHXH2pzcGawyAJ54R2E/x0

rootpw --iscrypted $6$h25cO9/sk00IpZPI$zdHHxpuA.7q55u/tk8.crg0CHUgdm5QGK3d1gdPOWdIzR4zfkAWbmzJK32OsXA8vy3Q1bE8jxBxHX/QGUcGBY0

打开另一个终端:复制密码
[root@localhost ~]# ls
anaconda-ks.cfg
[root@localhost ~]# vim anaconda-ks.cfg 
rootpw --iscrypted $6$h25cO9/sk00IpZPI$zdHHxpuA.7q55u/tk8.crg0CHUgdm5QGK3d1gdPOWdIzR4zfkAWbmzJK32OsXA8vy3Q1bE8jxBxHX/QGUcGBY0

检验语法

[root@localhost ~]# cobbler validateks

*** all kickstarts seem to be ok ***
*** TASK COMPLETE ***

修改配置文件

[root@localhost kickstarts]#  cobbler profile edit --name centos-7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/rhel-7-x86_64.ks     ##这里注意  第一个是镜像名    第二个是文件下的名字
[root@localhost kickstarts]#  cobbler profile edit --name centos-7-x86_64 --kopts='net.ifnames=0 biosdevname=0'

查看配置信息

[root@localhost ~]# cobbler profile report
Name                           : centos-7-x86_64
TFTP Boot Files                : {}
Comment                        : 
DHCP Tag                       : default
Distribution                   : centos-7-x86_64
Enable gPXE?                   : 0
Enable PXE Menu?               : 1
Fetchable Files                : {}
Kernel Options                 : {'biosdevname': '0', 'net.ifnames': '0'}
Kernel Options (Post Install)  : {}
Kickstart                      : /var/lib/cobbler/kickstarts/rhel-7-x86_64.ks
Kickstart Metadata             : {}
Management Classes             : []
Management Parameters          : <<inherit>>
Name Servers                   : []
Name Servers Search Path       : []
Owners                         : ['admin']
Parent Profile                 : 
Internal proxy                 : 
Red Hat Management Key         : <<inherit>>
Red Hat Management Server      : <<inherit>>
Repos                          : []
Server Override                : <<inherit>>
Template Files                 : {}
Virt Auto Boot                 : 1
Virt Bridge                    : xenbr0
Virt CPUs                      : 1
Virt Disk Driver Type          : raw
Virt File Size(GB)             : 5
Virt Path                      : 
Virt RAM (MB)                  : 512
Virt Type                      : kvm

同步配置文件并重启服务

[root@localhost ~]# cobbler sync
......
*** TASK COMPLETE ***
重启所有服务
[root@localhost kickstarts]# systemctl restart xinetd cobblerd httpd 
[root@localhost kickstarts]# ss -antl
State      Recv-Q Send-Q Local Address:Port               Peer Address:Port              
LISTEN     0      128     *:22                  *:*                  
LISTEN     0      100    127.0.0.1:25                  *:*                  
LISTEN     0      5      127.0.0.1:25151               *:*                  
LISTEN     0      5       *:873                 *:*                  
LISTEN     0      128      [::]:80                   [::]:*                  
LISTEN     0      128      [::]:22                   [::]:*                  
LISTEN     0      100     [::1]:25                   [::]:*                  
LISTEN     0      128      [::]:443                  [::]:*                  
LISTEN     0      5        [::]:873                  [::]:*   

客户端装机

• 网卡类型必须一致
• 内存至少2G
  
  
• 因为IP地址为动态,所以虚拟机可能不在设的192.168.163.10-20.为正常现象