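Linux automated deployment: unattended network installation with Cobbler

Cobbler is a service for fast network installation of Linux, and with some adjustment it can also support network installation of Windows. The tool is written in Python, is small and lightweight, and can set up a PXE network installation environment with a few simple commands; it can also manage DHCP, DNS and yum package mirrors. Cobbler can be managed from the command line or through a web interface, and it provides an API for further development. Unlike Kickstart, with Cobbler, running DHCP on the LAN does not cause machines that boot from PXE by default to load the TFTP content after a reboot and abort their normal startup.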

http://www.cobblerd.org/

Set up the Aliyun repository

# vim /etc/yum.repos.d/aliyun.repo
[aliyun]
name=http://mirrors.aliyun.com
baseurl=http://mirrors.aliyun.com/centos/6/os/x86_64/
enabled=1
gpgcheck=1
gpgkey=http://mirrors.aliyun.com/centos/6/os/x86_64/RPM-GPG-KEY-CentOS-6

yum clean all
yum list

cobbler-2.6.3-1.el6.noarch.rpm
cobbler-web-2.6.3-1.el6.noarch.rpm

# yum -y install cobbler cobbler-web

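-- Of the dependencies here, the last one, PyYAML, is not included in the RHEL 6.5 ISO, so it has to be downloaded and installed manually first; the two dependencies above it are in the RHEL 6.5 ISO, so they can be installed directly with yum.

The RPM for the PyYAML dependency is not in the RHEL 6.5 ISO, not in the EPEL repository, not in the 163 mirror, not in the CentOS repositories and so on, and its official website has no RPM package. You can try downloading it from www.rpmfind.net or rpm.pbone.net.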

# rpm -qa |grep cobbler
cobbler-2.6.3-1.el6.noarch
cobbler-web-2.6.3-1.el6.noarch

After installing Cobbler, also install the following component services:

# yum install tftp* rsync xinetd httpd syslinux dhcp* pykickstart

--------------------------------

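Step 2: Basic configuration

# cobbler check     -- list the options Cobbler thinks may need changing (if httpd fails to start, the results below may not be shown; fix whatever error is reported)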

The following are potential configuration items that you may want to fix:

1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a recent version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
4 : since iptables may be running, ensure 69, 80/443, and 25151 are unblocked
5 : debmirror package is not installed, it will be required to manage debian deployments and repositories
6 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
7 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them

Restart cobblerd and then run 'cobbler sync' to apply changes.

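-- Note: I have 7 items here (this may differ between machines and environments; just follow the instructions to resolve them).

Resolving items 1, 2 and 6:

# openssl passwd -1 -salt 'werwqerwqr' '123456'     -- 123456 is the password (the root login password once the client system has been installed automatically); werwqerwqr is the salt (any string will do)
$1$werwqerw$.prcfrYFbwuvkD8XspayN.
# vim /etc/cobbler/settings
384 server: 1.1.1.2 -- change to the IP of the Cobbler server
272 next_server: 1.1.1.2    -- same as above
101 default_password_crypted: "$1$werwqerw$.prcfrYFbwuvkD8XspayN."  -- replace the password string with the one generated above


# /etc/init.d/cobblerd restart  -- restart after making the changes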
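
A scripted re-check of the three values edited above, as an added example that is not part of the original post: it reads the keys by name rather than by line number and also reports the hash scheme, since `openssl passwd -1` produces MD5-crypt (`$1$`). The function names and the sample file are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): re-check the values edited above.

# Print the value of a top-level "key: value" line with quotes stripped.
setting() {
    sed -n "s/^$2:[[:space:]]*//p" "$1" | head -n 1 | tr -d "\"'" | sed 's/[[:space:]]*$//'
}

# Print one finding per problem; print nothing when all three values pass.
audit_settings() {
    file="$1"
    for key in server next_server; do
        val=$(setting "$file" "$key")
        case "$val" in
            ""|localhost|127.*)
                echo "FAIL $key: '$val' is loopback or unset, PXE clients cannot reach it" ;;
        esac
    done
    hash=$(setting "$file" default_password_crypted)
    case "$hash" in
        '$6$'*|'$5$'*) ;;   # SHA-512 / SHA-256 crypt
        '$1$'*) echo "WARN default_password_crypted: MD5-crypt hash (openssl passwd -1)" ;;
        *)      echo "FAIL default_password_crypted: not a crypt(3) hash" ;;
    esac
}

# Constructed sample file; on a real server pass /etc/cobbler/settings instead.
sample=$(mktemp)
cat > "$sample" <<'EOF'
default_password_crypted: "$1$examplesalt$constructedplaceholderhash"
next_server: 127.0.0.1
server: 127.0.0.1
EOF
audit_settings "$sample"
rm -f "$sample"
```

A `$6$` hash for the same field can be produced on RHEL 6 with Python's `crypt.crypt(password, "$6$" + salt)`.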

Resolving item 4:
Cobbler has detected that iptables is running; all it needs is for iptables not to block ports 69, 80, 443 and 25151. You can also turn iptables off:

iptables -F
iptables -t nat -F
/etc/init.d/iptables stop
chkconfig iptables off
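
As an alternative to flushing the rules and stopping iptables, the following added example (not from the original post) opens only the ports named in the cobbler check output, and only to the installation network 1.1.1.0/24 used in this walkthrough. It assumes the stock RHEL 6 ruleset, which already accepts ESTABLISHED,RELATED traffic; the function names are hypothetical.

```sh
#!/bin/sh
# Added example (not from the original post): open only the ports that
# 'cobbler check' lists, and only to the provisioning subnet.

# Dry run by default: print each command. Set APPLY=1 (as root) to execute.
run() {
    if [ "${APPLY:-0}" = 1 ]; then "$@"; else echo "$@"; fi
}

open_cobbler_ports() {
    subnet="$1"
    case "$subnet" in
        *[!0-9./]*) ok=0 ;;     # reject anything that is not digits, dots, slash
        ?*/?*)      ok=1 ;;     # network/prefix, e.g. 1.1.1.0/24
        *)          ok=0 ;;
    esac
    if [ "$ok" != 1 ]; then
        echo "usage: open_cobbler_ports <network/prefix>" >&2
        return 2
    fi
    # -I inserts at the top of INPUT, ahead of any final REJECT rule.
    run iptables -I INPUT -s "$subnet" -p udp --dport 69 -j ACCEPT || return 1   # TFTP
    for port in 80 443 25151; do                       # HTTP, HTTPS, cobblerd XML-RPC
        run iptables -I INPUT -s "$subnet" -p tcp --dport "$port" -j ACCEPT || return 1
    done
}

# The network used throughout this walkthrough.
open_cobbler_ports 1.1.1.0/24
```

Run it with `APPLY=1` as root to apply the rules, then `service iptables save` to keep them across reboots.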

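Resolving item 7:

# yum install fence-agents

After resolving the items above, run cobbler check again:

# cobbler check     -- with the items above resolved, only two remain (item 1 can be resolved with cobbler get-loaders, but that needs Internet access and an external yum repository; item 2 concerns Debian systems and can be ignored here)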

The following are potential configuration items that you may want to fix:

1 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a recent version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
2 : debmirror package is not installed, it will be required to manage debian deployments and repositories

Restart cobblerd and then run 'cobbler sync' to apply changes.

---------------------------------------

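Step 3: Import the image

The relevant configuration paths (default installation) are:

Main Cobbler configuration location: /var/lib/cobbler/
Snippets location: /var/lib/cobbler/snippets/
Kickstart templates location: /var/lib/cobbler/kickstarts/
Default ks file: /var/lib/cobbler/kickstarts/default.ks
Installation source mirror location: /var/www/cobbler/ks_mirror/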

# ls /var/www/cobbler/ks_mirror/
config


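# cobbler import --path=/yum/ --name=rhel-server-6.5-x86_64 --arch=x86_64  -- import the mounted image directory /yum into Cobbler
......
*** TASK COMPLETE ***
# ls /var/www/cobbler/ks_mirror/    -- after the import, the newly imported image directory appears here
config  rhel-server-6.5-x86_64
# cobbler distro list       -- list the images you have imported into Cobbler
   rhel-server-6.5-x86_64
# cobbler profile list      -- list your Cobbler automated installation profiles (as you can see, importing an image creates a profile with the same name by default)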
   rhel-server-6.5-x86_64

----------------------------------

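Step 4:
Modify DHCP so that Cobbler manages it, then synchronize the Cobbler configuration

Edit /etc/cobbler/dhcp.template, the template Cobbler uses to manage DHCP. (Unlike with Kickstart, there is no need to edit /etc/dhcp/dhcpd.conf; editing it has no effect, because the later cobbler sync copies /etc/cobbler/dhcp.template over /etc/dhcp/dhcpd.conf and starts DHCP.)

Change only the following section, using your own IP addresses and network: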

subnet 1.1.1.0 netmask 255.255.255.0 {
     option routers             1.1.1.2;
     option domain-name-servers 1.1.1.2;
     option subnet-mask         255.255.255.0;
     range dynamic-bootp        1.1.1.200 1.1.1.254;
     default-lease-time         21600;
     max-lease-time             43200;
     next-server                $next_server;
     class "pxeclients" {
          match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
          if option pxe-system-type = 00:02 {
                  filename "ia64/elilo.efi";
          } else if option pxe-system-type = 00:06 {
                  filename "grub/grub-x86.efi";
          } else if option pxe-system-type = 00:07 {
                  filename "grub/grub-x86_64.efi";
          } else {
                  filename "pxelinux.0";
          }
     }

}
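# vim /etc/cobbler/settings -- edit this configuration file again so that the DHCP service is managed by Cobbler
242 manage_dhcp: 1      -- change 0 to 1
# /etc/init.d/cobblerd restart  -- save, then restart this service
# cobbler sync      -- synchronize the Cobbler configuration and initialize; this also starts DHCP and so on for you
......
*** TASK COMPLETE ***


# /etc/init.d/xinetd restart    -- restart the xinetd service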

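Step 5:

Test and verify: create a new virtual machine on the vmnet1 network (the network I configured above) and start it. The Cobbler boot installation menu appears; select an entry and the installation runs automatically.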

======================================================================

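Supplement 1:
Cobbler web management

Web management path
# /etc/init.d/httpd restart   -- it is best to restart the httpd service first
If the restart reports that port 443 is already in use, the fix is:
# /etc/init.d/vmware-workstation-server stop
# chkconfig vmware-workstation-server off

Then open the following path in Firefox:
http://IP/cobbler_web  -- default username cobbler, password cobbler

# htdigest /etc/cobbler/users.digest "Cobbler" abc  -- add a user named abc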
Adding user abc in realm Cobbler
New password: 
Re-type new password: 

# cat /etc/cobbler/users.digest 
cobbler:Cobbler:a2d6bae81669d707b72c0bd9806e01f3
abc:Cobbler:de5b9d396aa51c6710e62e555a2986ec
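
The first entry above belongs to the default cobbler account. The following added example (not part of the original post) lists the users.digest entries whose password is still `cobbler` or equal to the username; it relies on the htdigest format, where the third field is the MD5 of `user:realm:password`. Function names and sample entries are constructed.

```sh
#!/bin/sh
# Added example: find users.digest entries that still use a default password.

# htdigest stores md5("user:realm:password") as the third field.
digest_of() {
    printf '%s:%s:%s' "$1" "$2" "$3" | md5sum | cut -d' ' -f1
}

# Print each user whose password is "cobbler" or the same as the username.
default_digest_users() {
    while IFS=: read -r user realm hash || [ -n "$user" ]; do
        [ -n "$hash" ] || continue          # skip blank or malformed lines
        for guess in cobbler "$user"; do
            if [ "$(digest_of "$user" "$realm" "$guess")" = "$hash" ]; then
                echo "$user"
                break
            fi
        done
    done < "$1"
}

# Constructed sample file: "cobbler" keeps the default password, "abc" does not.
sample=$(mktemp)
{
    echo "cobbler:Cobbler:$(digest_of cobbler Cobbler cobbler)"
    echo "abc:Cobbler:$(digest_of abc Cobbler 'constructed-long-passphrase')"
} > "$sample"
default_digest_users "$sample"   # on a real server: /etc/cobbler/users.digest
rm -f "$sample"
```

Any account it prints can be given a new password with the `htdigest` command shown above.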

=============================================================

Supplement 2:
Discussion of how Cobbler uses ks files

# cobbler distro list

rhel-server-6.5-x86_64

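Set up profiles (think of this as classifying, on the server side, each installation image by role, for example linking an installation name to a ks file).
A distro represents an imported image.
A profile represents an installation scheme. One distro can have one or more profiles.

# cobbler profile help  -- show help
# cobbler profile list  -- show the existing profiles; by default there is one with the same name as the image imported earlier
   rhel-server-6.5-x86_64

# cobbler profile report --name rhel-server-6.5-x86_64 |grep "^Kickstart" |head -1  -- the report shows that the ks file used by default for the installation image named rhel-server-6.5-x86_64 is /var/lib/cobbler/kickstarts/sample_end.ks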
Kickstart                      : /var/lib/cobbler/kickstarts/sample_end.ks


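# cobbler profile add --name=my_ks1 --distro=rhel-server-6.5-x86_64  --kickstart=/ks/ks.cfg
-- add another installation profile named my_ks1 to the installation image named rhel-server-6.5-x86_64, using the file /ks/ks.cfg (this is the one used in the previous lesson on Kickstart; you can also prepare another one yourself. However, using a Kickstart ks file here is not recommended; if you want to customize, it is better to modify the ks templates in Cobbler)
# cobbler profile list      -- after the steps above, the rhel-server-6.5-x86_64 image I imported has two installation profiles (one with the same name, using the /var/lib/cobbler/kickstarts/sample_end.ks automated installation file; the other just added, named my_ks1, using the /ks/ks.cfg automated installation file)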
   my_ks1
   rhel-server-6.5-x86_64

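Install from a client again to verify; two installation profiles are now offered to choose from.

Extensions of the operations above (for reference only):

# cobbler profile edit --name=my_ks1 --kickstart=/ks/ks2.cfg   -- change the my_ks1 profile to use a new ks file
# cobbler profile remove --name=my_ks1  -- delete the my_ks1 profile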

=============================================================

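Supplement 3:
Discussion of modifying ks files
As mentioned in Supplement 2, it is best not to copy a Kickstart ks file over wholesale (if you do, many features and settings will not integrate well with Cobbler).

The experiment below modifies /var/lib/cobbler/kickstarts/sample_end.ks, the ks file used by the profile named rhel-server-6.5-x86_64 above: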

vim /var/lib/cobbler/kickstarts/sample_end.ks
# kickstart template for Fedora 8 and later.
# (includes %end blocks)
# do not use with earlier distros

#platform=x86, AMD64, or Intel EM64T
# System authorization information
auth  --useshadow  --enablemd5
# System bootloader configuration
bootloader --location=mbr
# Partition clearing information
clearpart --all --initlabel
# Use text mode install
text
# Firewall configuration
firewall --enabled
# Run the Setup Agent on first boot
firstboot --disable
# System keyboard
keyboard us
# System language
lang en_US
# Use network installation
url --url=$tree
# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
$yum_repo_stanza
# Network information
$SNIPPET('network_config')
# Reboot after installation
reboot

#Root password
rootpw --iscrypted $default_password_crypted
# SELinux configuration
selinux --disabled
# Do not configure the X Window System
skipx
# System timezone
timezone  America/New_York
# Install OS instead of upgrade
install
# Clear the Master Boot Record
zerombr
# Allow anaconda to partition the system as needed
part /boot --asprimary --fstype="ext4" --size=200
part swap --asprimary --fstype="swap" --size=2000
part / --asprimary --fstype="ext4" --grow --size=1           -- the original autopart line has been replaced here with the partition layout I want (the original used LVM; I have now defined three partitions)


%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%end

%packages
$SNIPPET('func_install_if_enabled')
%end

%post --nochroot
$SNIPPET('log_ks_post_nochroot')
%end

%post
$SNIPPET('log_ks_post')
# Start yum configuration
$yum_config_stanza
# End yum configuration
$SNIPPET('post_install_kernel_options')
$SNIPPET('post_install_network_config')
$SNIPPET('func_register_if_enabled')
$SNIPPET('download_config_files')
$SNIPPET('koan_environment')
$SNIPPET('redhat_register')
$SNIPPET('cobbler_register')
# Enable post-install boot notification
$SNIPPET('post_anamon')
# Start final steps
$SNIPPET('kickstart_done')
# End final steps
touch /root/123
touch /tmp/123      -- two post-install script lines have been added here, which touch two files
%end

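After saving, test by installing rhel-server-6.5-x86_64 on a client. The partitions match the changes above, and the files /root/123 and /tmp/123 both exist, which shows the changes worked.

-- Summary: in a production environment you can adapt Cobbler's ks templates in this way into several different variants to suit your needs, then use the cobbler profile add command described in Supplement 2 to associate these ks files with installation images as different profiles.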

========================================

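Supplement 4:
Using koan on the client to contact Cobbler on the server and reinstall the system automatically

Install the koan-2.6.9-1.el6.noarch.rpm package on the client:

# yum install koan-2.6.9-1.el6.noarch.rpm  -- because Cobbler can set up the yum configuration for you automatically, the dependencies can be resolved directly
# koan --server=1.1.1.2 --list=profiles    -- 1.1.1.2 is the Cobbler server IP; the result is the same as that of cobbler profile list on the Cobbler server
   my_ks1
   rhel-server-6.5-x86_64
# koan --replace-self --server=1.1.1.2 --profile=rhel-server-6.5-x86_64  -- tell this client to reinstall the system according to the profile named rhel-server-6.5-x86_64

# reboot  -- after entering the command above, run reboot and the system is reinstalled (without the command above, reboot is just a restart)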

=====================================================================

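**Suppose your company has installation needs for all kinds of Linux (RHEL, CentOS, Ubuntu, SUSE, Debian and so on).
You now have to design all of the automated installation schemes for the company. How would you do it?**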
