CentOS7下利用Cobbler安装部署CentOS
Cobbler是一款快速的网络系统部署工具,其最大的特点是集合了所有系统部署所需服务,如DHCP、DNS、TFTP,这样你在部署一台操作系统的时候不需要在各个服务之前协调切换,Cobbler都可以替你来管理,Cobbler内部集成了一个镜像版本仓库,你可以自定义相关配置文件,实现不同系统不同安装需求的选择;当然,Cobbler还提供了包括yum源管理、Web界面管理、API接口、电源管理等功能,方便你自定义开发管理。
一、关闭SELINUX
vi /etc/selinux/config
#SELINUX=enforcing #注释掉
#SELINUXTYPE=targeted #注释掉
SELINUX=disabled #增加
:wq! #保存退出
setenforce 0 #使配置立即生效
二、配置防火墙,开启TCP:80端口、TCP:25151端口、UDP:69端口
vi /etc/sysconfig/iptables #编辑
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT #http服务需要此端口
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 69 -j ACCEPT #tftp服务需要此端口
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25151 -j ACCEPT #cobbler需要此端口
:wq! #保存退出
/etc/init.d/iptables restart #最后重启防火墙使配置生效
1)安装epel源和cobbler
[root@cobbler ~]# yum -y install http://mirrors.163.com/centos/7/extras/x86_64/Packages/epel-release-7-9.noarch.rpm
[root@cobbler ~]# yum install cobbler cobbler-web dhcp tftp-server pykickstart httpd xinetd -y
[root@cobbler ~]# systemctl start xinetd.service
[root@cobbler ~]# systemctl enable xinetd.service
[root@cobbler ~]# systemctl start httpd
[root@cobbler ~]# systemctl enable httpd
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service.
[root@cobbler ~]# systemctl start cobblerd.service
[root@cobbler ~]# systemctl enable cobblerd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/cobblerd.service to /usr/lib/systemd/system/cobblerd.service.
2)配置cobbler
检查cobbler:
[root@cobbler ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
5 : enable and start rsyncd.service with systemctl
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
修改cobbler的配置文件:
[root@cobbler ~]# vim /etc/cobbler/settings
# if you do not set this correctly, this will be manifested in TFTP open timeouts.
将“next_server: 127.0.0.1”修改为“next_server: 10.10.10.222”
将“server: 127.0.0.1”修改为“server: 10.10.10.222”
# set to 1 to enable Cobbler's DHCP management features.
# the choice of DHCP management engine is in /etc/cobbler/modules.conf
将“manage_dhcp: 0”修改为“manage_dhcp: 1”
修改cobbler默认的密码:
将“default_password_crypted: "$1$mF86/UHC$WvcIcX2t6crBz2onWxyac."”修改为“default_password_crypted: "$1$wanwan$K9lP0CajD0pbFaxI0if84/"”
随机生成一个密码:
[root@cobbler ~]# openssl passwd -1 -salt 'wanwan' 'RedHat12345'
$1$wanwan$K9lP0CajD0pbFaxI0if84/
[root@cobbler ~]# vim /etc/xinetd.d/tftp
将“disable = yes”修改为“disable = no”
重启rsync服务:
[root@cobbler ~]# systemctl start rsyncd.service
[root@cobbler ~]# systemctl enable rsyncd.service
Created symlink from /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd.service.
下载cobbler相关的包:
[root@cobbler ~]# cobbler get-loaders
task started: 2017-03-20_110931_get_loaders
task started (id=Download Bootloader Content, time=Mon Mar 20 11:09:31 2017)
downloading https://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
downloading https://cobbler.github.io/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading https://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading https://cobbler.github.io/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading https://cobbler.github.io/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
downloading https://cobbler.github.io/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot
downloading https://cobbler.github.io/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0
downloading https://cobbler.github.io/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32
downloading https://cobbler.github.io/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading https://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***
[root@cobbler ~]# systemctl restart cobblerd.service
[root@cobbler ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : debmirror package is not installed, it will be required to manage debian deployments and repositories
2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
[root@cobbler ~]# cd /etc/cobbler/
[root@cobbler cobbler]# ls
auth.conf dhcp.template ldap power rsync.template users.conf zone_templates
cheetah_macros dnsmasq.template modules.conf pxe secondary.template users.digest
cobbler_bash import_rsync_whitelist mongodb.conf reporting settings version
completions iso named.template rsync.exclude tftpd.template zone.template
3)配置服务
[root@cobbler cobbler]# vim dhcp.template
subnet 10.10.10.0 netmask 255.255.255.0 {
option routers 10.10.10.2;
option domain-name-servers 10.10.10.2;
option subnet-mask 255.255.255.0;
range dynamic-bootp 10.10.10.100 10.10.10.200;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
class "pxeclients" {
match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
if option pxe-system-type = 00:02 {
filename "ia64/elilo.efi";
} else if option pxe-system-type = 00:06 {
filename "grub/grub-x86.efi";
} else if option pxe-system-type = 00:07 {
filename "grub/grub-x86_64.efi";
} else {
filename "pxelinux.0";
}
}
}
备注:主要修改网段、DNS、网关等信息
[root@cobbler cobbler]# cobbler sync
通过cobbler管理的dhcp的配置文件
[root@cobbler cobbler]# egrep -v '^#|^$' /etc/dhcp/dhcpd.conf
ddns-update-style interim;
allow booting;
allow bootp;
ignore client-updates;
set vendorclass = option vendor-class-identifier;
option pxe-system-type code 93 = unsigned integer 16;
subnet 10.10.10.0 netmask 255.255.255.0 {
option routers 10.10.10.2;
option domain-name-servers 10.10.10.2;
option subnet-mask 255.255.255.0;
range dynamic-bootp 10.10.10.100 10.10.10.200;
default-lease-time 21600;
max-lease-time 43200;
next-server 10.10.10.222;
class "pxeclients" {
match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
if option pxe-system-type = 00:02 {
filename "ia64/elilo.efi";
} else if option pxe-system-type = 00:06 {
filename "grub/grub-x86.efi";
} else if option pxe-system-type = 00:07 {
filename "grub/grub-x86_64.efi";
} else {
filename "pxelinux.0";
}
}
}
group {
}
挂载并导入数据:
[root@cobbler ~]# mount /dev/cdrom /mnt
mount: /dev/sr0 is write-protected, mounting read-only
[root@cobbler ~]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/cl-root 50G 9.8G 41G 20% /
devtmpfs 1.9G 0 1.9G 0% /dev
tmpfs 1.9G 144K 1.9G 1% /dev/shm
tmpfs 1.9G 9.0M 1.9G 1% /run
tmpfs 1.9G 0 1.9G 0% /sys/fs/cgroup
/dev/mapper/cl-home 46G 36M 46G 1% /home
/dev/sda1 1014M 175M 840M 18% /boot
tmpfs 378M 12K 378M 1% /run/user/0
/dev/sr0 4.1G 4.1G 0 100% /mnt
[root@cobbler ~]# cobbler import --path=/mnt --name=CentOS-7.3 --arch=x86_64
task started: 2017-03-20_113200_import
task started (id=Media import, time=Mon Mar 20 11:32:00 2017)
Found a candidate signature: breed=redhat, version=rhel6
Found a candidate signature: breed=redhat, version=rhel7
Found a matching signature: breed=redhat, version=rhel7
Adding distros from path /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64:
creating new distro: CentOS-7.3-x86_64
trying symlink: /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64 -> /var/www/cobbler/links/CentOS-7.3-x86_64
creating new profile: CentOS-7.3-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64 for CentOS-7.3-x86_64
processing repo at : /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64
looking for /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/CentOS-7.3-x86_64/repodata
*** TASK COMPLETE ***
说明:cobbler导入的镜像放在:/var/www/cobbler/ks_mirror
[root@cobbler ks_mirror]# pwd
/var/www/cobbler/ks_mirror
[root@cobbler ks_mirror]# ls
CentOS-7.3-x86_64 config
默认kickstart文件存放位置:/var/lib/cobbler/kickstarts/
[root@cobbler ~]# cd /var/lib/cobbler/kickstarts/
[root@cobbler kickstarts]# ll
total 52
-rw-r--r-- 1 root root 115 Nov 17 03:09 default.ks
-rw-r--r-- 1 root root 22 Nov 17 03:09 esxi4-ks.cfg
-rw-r--r-- 1 root root 22 Nov 17 03:09 esxi5-ks.cfg
drwxr-xr-x 2 root root 56 Mar 20 10:39 install_profiles
-rw-r--r-- 1 root root 1424 Nov 17 03:09 legacy.ks
-rw-r--r-- 1 root root 292 Nov 17 03:09 pxerescue.ks
-rw-r--r-- 1 root root 2916 Nov 17 03:09 sample_autoyast.xml
-rw-r--r-- 1 root root 1825 Nov 17 03:09 sample_end.ks
-rw-r--r-- 1 root root 0 Nov 17 03:09 sample_esx4.ks
-rw-r--r-- 1 root root 324 Nov 17 03:09 sample_esxi4.ks
-rw-r--r-- 1 root root 386 Nov 17 03:09 sample_esxi5.ks
-rw-r--r-- 1 root root 1784 Nov 17 03:09 sample.ks
-rw-r--r-- 1 root root 3419 Nov 17 03:09 sample_old.seed
-rw-r--r-- 1 root root 5879 Nov 17 03:09 sample.seed
[root@cobbler ~]# cobbler list
distros:
CentOS-7.3-x86_64
profiles:
CentOS-7.3-x86_64
systems:
repos:
images:
mgmtclasses:
packages:
files:
[root@cobbler ~]# cobbler profile report
Name : CentOS-7.3-x86_64
TFTP Boot Files : {}
Comment :
DHCP Tag : default
Distribution : CentOS-7.3-x86_64
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {}
Kernel Options : {}
Kernel Options (Post Install) : {}
Kickstart : /var/lib/cobbler/kickstarts/sample_end.ks
Kickstart Metadata : {}
Management Classes : []
Management Parameters : <>
Name Servers : []
Name Servers Search Path : []
Owners : ['admin']
Parent Profile :
Internal proxy :
Red Hat Management Key : <>
Red Hat Management Server : <>
Repos : []
Server Override : <>
Template Files : {}
Virt Auto Boot : 1
Virt Bridge : xenbr0
Virt CPUs : 1
Virt Disk Driver Type : raw
Virt File Size(GB) : 5
Virt Path :
Virt RAM (MB) : 512
Virt Type : kvm
查看cobbler profile的帮助:
[root@cobbler ~]# cobbler profile edit --help
Usage: cobbler [options]
Options:
-h, --help show this help message and exit
--name=NAME Name (Ex: F10-i386-webserver)
--uid=UID
--owners=OWNERS Owners (Owners list for authz_ownership (space
delimited))
--distro=DISTRO Distribution (Parent distribution)
--parent=PARENT Parent Profile
--enable-gpxe=ENABLE_GPXE
Enable gPXE? (Use gPXE instead of PXELINUX for
advanced booting options)
--enable-menu=ENABLE_MENU
Enable PXE Menu? (Show this profile in the PXE menu?)
--kickstart=KICKSTART
Kickstart (Path to kickstart template)
--kopts=KERNEL_OPTIONS
Kernel Options (Ex: selinux=permissive)
--kopts-post=KERNEL_OPTIONS_POST
Kernel Options (Post Install) (Ex: clocksource=pit
noapic)
--ksmeta=KS_META Kickstart Metadata (Ex: dog=fang agent=86)
--proxy=PROXY Internal proxy (Internal proxy URL)
--repos=REPOS Repos (Repos to auto-assign to this profile)
--comment=COMMENT Comment (Free form text description)
--virt-auto-boot=VIRT_AUTO_BOOT
Virt Auto Boot (Auto boot this VM?)
--virt-cpus=VIRT_CPUS
Virt CPUs (integer)
--virt-file-size=VIRT_FILE_SIZE
Virt File Size(GB)
--virt-disk-driver=VIRT_DISK_DRIVER
Virt Disk Driver Type (The on-disk format for the
virtualization disk)
--virt-ram=VIRT_RAM Virt RAM (MB)
--depth=DEPTH
--virt-type=VIRT_TYPE
Virt Type (Virtualization technology to use) (valid
options: xenpv,xenfv,qemu,kvm,vmware,openvz,SETTINGS:d
efault_virt_type)
--virt-path=VIRT_PATH
Virt Path (Ex: /directory OR VolGroup00)
--virt-bridge=VIRT_BRIDGE
Virt Bridge
--dhcp-tag=DHCP_TAG DHCP Tag (See manpage or leave blank)
--server=SERVER Server Override (See manpage or leave blank)
--ctime=CTIME
--mtime=MTIME
--name-servers=NAME_SERVERS
Name Servers (space delimited)
--name-servers-search=NAME_SERVERS_SEARCH
Name Servers Search Path (space delimited)
--mgmt-classes=MGMT_CLASSES
Management Classes (For external configuration
management)
--mgmt-parameters=MGMT_PARAMETERS
Management Parameters (Parameters which will be handed
to your management application (Must be valid YAML
dictionary))
--boot-files=BOOT_FILES
TFTP Boot Files (Files copied into tftpboot beyond the
kernel/initrd)
--fetchable-files=FETCHABLE_FILES
Fetchable Files (Templates for tftp or wget/curl)
--template-files=TEMPLATE_FILES
Template Files (File mappings for built-in config
management)
--redhat-management-key=REDHAT_MANAGEMENT_KEY
Red Hat Management Key (Registration key for RHN,
Spacewalk, or Satellite)
--redhat-management-server=REDHAT_MANAGEMENT_SERVER
Red Hat Management Server (Address of Spacewalk or
Satellite Server)
--template-remote-kickstarts=TEMPLATE_REMOTE_KICKSTARTS
--clobber allow add to overwrite existing objects
--in-place edit items in kopts or ksmeta without clearing the
other items
修改kickstart文件:
[root@cobbler ~]# cobbler profile edit --name=CentOS-7.3-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS-7.3-x86_64.cfg
修改内核参数:
[root@cobbler ~]# cobbler profile edit --name=CentOS-7.3-x86_64 --kopts='net.ifnames=0 biosdevname=0'
[root@cobbler ~]# cobbler profile report
Name : CentOS-7.3-x86_64
TFTP Boot Files : {}
Comment :
DHCP Tag : default
Distribution : CentOS-7.3-x86_64
Enable gPXE? : 0
Enable PXE Menu? : 1
Fetchable Files : {}
Kernel Options : {'biosdevname': '0', 'net.ifnames': '0'}
Kernel Options (Post Install) : {}
Kickstart : /var/lib/cobbler/kickstarts/CentOS-7.3-x86_64.cfg
Kickstart Metadata : {}
Management Classes : []
Management Parameters : <>
Name Servers : []
Name Servers Search Path : []
Owners : ['admin']
Parent Profile :
Internal proxy :
Red Hat Management Key : <>
Red Hat Management Server : <>
Repos : []
Server Override : <>
Template Files : {}
Virt Auto Boot : 1
Virt Bridge : xenbr0
Virt CPUs : 1
Virt Disk Driver Type : raw
Virt File Size(GB) : 5
Virt Path :
Virt RAM (MB) : 512
Virt Type : kvm
[root@cobbler ~]# cobbler sync
task started: 2017-03-20_135014_sync
task started (id=Sync, time=Mon Mar 20 13:50:14 2017)
running pre-sync triggers
cleaning trees
removing: /var/www/cobbler/images/CentOS-7.3-x86_64
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/grub-x86.efi
removing: /var/lib/tftpboot/grub/grub-x86_64.efi
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/images/CentOS-7.3-x86_64
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders
trying hardlink /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
copying: /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0
trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
copying: /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi
copying distros to tftpboot
copying files for distro: CentOS-7.3-x86_64
trying hardlink /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64/images/pxeboot/vmlinuz -> /var/lib/tftpboot/images/CentOS-7.3-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64/images/pxeboot/initrd.img -> /var/lib/tftpboot/images/CentOS-7.3-x86_64/initrd.img
copying images
generating PXE configuration files
generating PXE menu structure
copying files for distro: CentOS-7.3-x86_64
trying hardlink /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64/images/pxeboot/vmlinuz -> /var/www/cobbler/images/CentOS-7.3-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64/images/pxeboot/initrd.img -> /var/www/cobbler/images/CentOS-7.3-x86_64/initrd.img
Writing template files for CentOS-7.3-x86_64
rendering DHCP files
generating /etc/dhcp/dhcpd.conf
rendering TFTPD files
generating /etc/xinetd.d/tftp
processing boot_files for distro: CentOS-7.3-x86_64
cleaning link caches
running post-sync triggers
running python triggers from /var/lib/cobbler/triggers/sync/post/*
running python trigger cobbler.modules.sync_post_restart_services
running: dhcpd -t -q
received on stdout:
received on stderr:
running: service dhcpd restart
received on stdout:
received on stderr: Redirecting to /bin/systemctl restart dhcpd.service
running shell triggers from /var/lib/cobbler/triggers/sync/post/*
running python triggers from /var/lib/cobbler/triggers/change/*
running python trigger cobbler.modules.scm_track
running shell triggers from /var/lib/cobbler/triggers/change/*
*** TASK COMPLETE ***