cobbler无人值守装机服务

cobbler工作原理

1，准备环境

查看系统版本与内核

[root@ c7-41 ~] cat /etc/redhat-release 
CentOS Linux release 7.7.1908 (Core)
[root@ c7-41 ~] uname -r
3.10.0-1062.el7.x86_64
[root@ c7-41 ~] hostname -i|awk '{print $3,$4}'
10.0.0.41 172.16.1.41

关闭防火墙和selinux

[root@ c7-41 ~] getenforce 
Disabled
[root@ c7-41 ~] systemctl stop firewalld

下载epel源

[root@ c7-41 ~] wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
--2020-05-07 13:49:32--  http://mirrors.aliyun.com/repo/epel-7.repo
Resolving mirrors.aliyun.com (mirrors.aliyun.com)... 111.26.42.229, 111.26.42.226, 111.26.42.227, ...
Connecting to mirrors.aliyun.com (mirrors.aliyun.com)|111.26.42.229|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 664 [application/octet-stream]
Saving to: ‘/etc/yum.repos.d/epel.repo’

100%[=======================================>] 664         --.-K/s   in 0s      

2020-05-07 13:49:32 (54.4 MB/s) - ‘/etc/yum.repos.d/epel.repo’ saved [664/664]

2，安装组件

[root@ c7-41 ~] yum -y install cobbler cobbler-web tftp-server pykickstart httpd dhcp xinetd debmirror

启动cobbler，httpd并添加开机自启

[root@ c7-41 ~] systemctl enable httpd cobblerd
[root@ c7-41 ~] systemctl start httpd cobblerd

3，配置cobbler

检查cobbler配置，运行cobbler check根据命令修改参数

[root@ c7-41 ~] cobbler check #类似于一个使用手册，提示需要完成的内容
The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : comment out 'dists' on /etc/debmirror.conf for proper debian support
7 : comment out 'arches' on /etc/debmirror.conf for proper debian support
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.

看到上面出现的问题，然后一个一个解决，先进行设置为可以动态配置

[root@ c7-41 ~]  sed -ri '/allow_dynamic_settings:/c\allow_dynamic_settings: 1' /etc/cobbler/settings
[root@ c7-41 ~] grep allow_dynamic_settings /etc/cobbler/settings
allow_dynamic_settings: 1
[root@ c7-41 ~] systemctl restart cobblerd

[root@ c7-41 ~] cobbler setting edit --name=server --value=10.0.0.41 		#配置server地址
[root@ c7-41 ~] cobbler setting edit --name=next_server --value=10.0.0.41 	#next_server地址

[root@ c7-41 ~] sed -ri '/disable/c\disable = no' /etc/xinetd.d/tftp		#配置xinetd管理tftp
[root@ c7-41 ~] systemctl enable xinetd
[root@ c7-41 ~] systemctl restart xinetd

[root@ c7-41 ~] cobbler get-loaders #boot-loaders
[root@ c7-42 ~] systemctl start rsyncd #启动rsync
[root@ c7-42 ~] systemctl enable rsyncd
[root@ c7-41 ~] sed -i 's#@dists="sid";#\#@dists="sid";#gp' /etc/debmirror.conf
[root@ c7-41 ~] sed -i 's#@arches="i386";#\#@arches="i386";#g' /etc/debmirror.conf

#设置cobbler安装完系统后，默认root用户初始化密码，用openssl生成一串密码后加入到cobbler配置文件中
[root@ c7-41 ~] openssl passwd -1 -salt `openssl rand -hex 4` '123456'
$1$e99b81e1$9Tah/x1SWem4utUjd8u7/0
[root@ c7-41 ~] cobbler setting edit --name=default_password_crypted --value='$1$e99b81e1$9Tah/x1SWem4utUjd8u7/0'

[root@ c7-41 ~] yum -y install fence-agents #安装fence-agents
[root@ c7-41 ~] systemctl restart cobblerd.service #重启cobbler
[root@ c7-41 ~] cobbler sync #重载
[root@ c7-41 ~] cobbler check
No configuration problems found.  All systems go.

4，配置DHCP

[root@ c7-41 ~] vim /etc/cobbler/dhcp.template
[root@ c7-41 ~] sed -n '21,29p' /etc/cobbler/dhcp.template
subnet 10.0.0.0 netmask 255.255.255.0 {  	#改为分配的网段
     option routers             10.0.0.254; #如有网关，改为网关
     option domain-name-servers 223.5.5.5; #如有dns改为dns
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        10.0.0.100 10.0.0.200;  #分配ip地址范围
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                $next_server;
     class "pxeclients" {
[root@ c7-41 ~] cobbler sync #重载

5，cobbler安装centos6.8

本机是centos7系统配置的cobbler，没有centos6.8镜像，需要上传或者下载一个镜像并进行挂载

[root@ c7-41 ~] ls
anaconda-ks.cfg  CentOS-6.8-x86_64-bin-DVD1.iso
[root@ c7-41 ~] mkdir -p /centos6.8
[root@ c7-41 ~] mount -o loop CentOS-6.8-x86_64-bin-DVD1.iso /centos6.8/
mount: /dev/loop0 is write-protected, mounting read-only
[root@ c7-41 ~] df -h #查看磁盘状态
Filesystem               Size  Used Avail Use% Mounted on
devtmpfs                 2.0G     0  2.0G   0% /dev
tmpfs                    2.0G     0  2.0G   0% /dev/shm
tmpfs                    2.0G   12M  2.0G   1% /run
tmpfs                    2.0G     0  2.0G   0% /sys/fs/cgroup
/dev/mapper/centos-root   27G  9.5G   18G  36% /
/dev/sda1               1014M  137M  878M  14% /boot
tmpfs                    394M     0  394M   0% /run/user/0
/dev/loop0               3.7G  3.7G     0 100% /centos6.8
[root@ c7-41 ~] ls /centos6.8/ #查看挂载后的目录
CentOS_BuildTag  isolinux                  RPM-GPG-KEY-CentOS-Debug-6
EFI              Packages                  RPM-GPG-KEY-CentOS-Security-6
EULA             RELEASE-NOTES-en-US.html  RPM-GPG-KEY-CentOS-Testing-6
GPL              repodata                  TRANS.TBL
images           RPM-GPG-KEY-CentOS-6
#导入镜像
[root@ c7-41 ~] cobbler import --path=/centos6.8 --name=centos6.8 --arch=x86_64

--path 镜像路径
--name 为安装源定义名称
--arch 指定安装源是32位，64位，ia64
安装源的唯一标识就是根据name参数来定义的

[root@ c7-41 ~] cobbler distro report --name=centos6.8-x86_64
Name                           : centos6.8-x86_64
Architecture                   : x86_64
TFTP Boot Files                : {}
Breed                          : redhat
Comment                        : 
Fetchable Files                : {}
Initrd                         : /var/www/cobbler/ks_mirror/centos6.8-x86_64/images/pxeboot/initrd.img
Kernel                         : /var/www/cobbler/ks_mirror/centos6.8-x86_64/images/pxeboot/vmlinuz
Kernel Options                 : {}
Kernel Options (Post Install)  : {}
Kickstart Metadata             : {'tree': 'http://@@http_server@@/cblr/links/centos6.8-x86_64'}
Management Classes             : []
OS Version                     : rhel6
Owners                         : ['admin']
Red Hat Management Key         : <<inherit>>
Red Hat Management Server      : <<inherit>>
Template Files                 : {}

6，修改kickstart配置文件

[root@ c7-41 ~] cd /var/lib/cobbler/kickstarts/
[root@ c7-41 kickstarts] cp sample_end.ks centos6.8.ks
[root@ c7-41 kickstarts] vim centos6.8.ks
[root@ c7-41 kickstarts] cat centos6.8.ks 
# This kickstart file should only be used with EL > 5 and/or Fedora > 7.
# For older versions please use the sample.ks kickstart file.
# Install OS instead of upgrade
install
# Use text mode install
text
# System keyboard
keyboard us
# System language
lang en_US
# System timezone
timezone  Asia/ShangHai #设置时区
#Root password
rootpw --iscrypted $default_password_crypted #初始密码
# System authorization information
auth  --useshadow  --enablemd5
# Firewall configuration
firewall --disabled  #关闭防火墙
# SELinux configuration
selinux --disabled #关闭selinux
# Use network installation
url --url=$tree 

# Clear the Master Boot Record
zerombr
# System bootloader configuration
bootloader --location=mbr
# Partition clearing information
clearpart --all --initlabel
part /boot --fstype=ext4 --size=200
part swap --fstype=swap --size=2048
part / --fstype=ext4 --grow --size=200 --asprimary

# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
$yum_repo_stanza
# Network information 
$SNIPPET('network_config')
# Do not configure the X Window System
skipx
# Run the Setup Agent on first boot
firstboot --disable
# Reboot after installation
reboot


%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%end

%packages
$SNIPPET('func_install_if_enabled')
@core
@base
tree
nmap
wget
lftp
lrzsz
telnet
%end #添加安装一些常用环境的服务

%post --nochroot
$SNIPPET('log_ks_post_nochroot')
%end

%post
$SNIPPET('log_ks_post')
# Start yum configuration
$yum_config_stanza
# End yum configuration
$SNIPPET('post_install_kernel_options')
$SNIPPET('post_install_network_config')
$SNIPPET('func_register_if_enabled')
$SNIPPET('download_config_files')
$SNIPPET('koan_environment')
$SNIPPET('redhat_register')
$SNIPPET('cobbler_register')
# Enable post-install boot notification
$SNIPPET('post_anamon')
# Start final steps
$SNIPPET('kickstart_done')
# End final steps
#做ssh服务加速
sed -ri "/^#UseDNS/c\UseDNS no" /etc/ssh/sshd_config
sed -ri "/^GSSAPIAuthentication/c\GSSAPIAuthentication no" /etc/ssh/sshd_config
%end

#动态编辑指定使用新的kickstart文件
[root@ c7-41 kickstarts] cobbler profile edit --name=centos6.8-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos6.8.ks
#验证是否更改成功
[root@ c7-41 kickstarts] cobbler profile report --name=centos6.8-x86_64 |grep Kickstart
Kickstart                      : /var/lib/cobbler/kickstarts/centos6.8.ks
Kickstart Metadata             : {}
[root@ c7-41 kickstarts] cobbler sync #重载

7，在虚拟机上操作，并创建主机

创建成功

8，web端测试

用户：cobbler
密码：cobbler

cobbler命令帮助