Installing and Deploying CentOS with Cobbler on CentOS 7




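Cobbler is a tool for fast network-based operating system deployment. Its main feature is that it bundles all the services a deployment needs, such as DHCP, DNS and TFTP, so when you deploy an operating system you do not have to coordinate and switch between separate services; Cobbler manages them for you. Cobbler has a built-in image repository, and you can customize the related configuration files to choose between different systems and different installation requirements. Cobbler also provides yum repository management, a web management interface, an API and power management, which makes custom development and management easier.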


I. Disable SELinux
vi /etc/selinux/config
# comment out the next two lines
#SELINUX=enforcing
#SELINUXTYPE=targeted
# add this line
SELINUX=disabled
:wq!  # save and exit
setenforce 0 # apply the change immediately
II. Configure the firewall: open ports TCP 80, TCP 25151 and UDP 69
vi /etc/sysconfig/iptables  # edit the rules file
# the HTTP service needs this port
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
# the TFTP service needs this port
-A RH-Firewall-1-INPUT -m state --state NEW -m udp -p udp --dport 69 -j ACCEPT
# cobblerd needs this port
-A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25151 -j ACCEPT
:wq!  # save and exit
/etc/init.d/iptables restart # finally, restart the firewall to apply the rules


1) Install the EPEL repository and Cobbler
[root@cobbler ~]# yum -y install http://mirrors.163.com/centos/7/extras/x86_64/Packages/epel-release-7-9.noarch.rpm 
[root@cobbler ~]# yum install cobbler cobbler-web dhcp tftp-server pykickstart httpd xinetd -y 
[root@cobbler ~]# systemctl start xinetd.service 
[root@cobbler ~]# systemctl enable xinetd.service 
[root@cobbler ~]# systemctl start httpd 
[root@cobbler ~]# systemctl enable httpd 
Created symlink from /etc/systemd/system/multi-user.target.wants/httpd.service to /usr/lib/systemd/system/httpd.service. 
[root@cobbler ~]# systemctl start cobblerd.service 
[root@cobbler ~]# systemctl enable cobblerd.service 
Created symlink from /etc/systemd/system/multi-user.target.wants/cobblerd.service to /usr/lib/systemd/system/cobblerd.service.


2) Configure Cobbler


Check Cobbler: 
[root@cobbler ~]# cobbler check 
The following are potential configuration items that you may want to fix: 
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work.  This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it. 
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network. 
3 : change 'disable' to 'no' in /etc/xinetd.d/tftp
4 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements. 
5 : enable and start rsyncd.service with systemctl 
6 : debmirror package is not installed, it will be required to manage debian deployments and repositories 
7 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one 
8 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them 
Restart cobblerd and then run 'cobbler sync' to apply changes.


Edit the Cobbler configuration file:
[root@cobbler ~]# vim /etc/cobbler/settings 
# if you do not set this correctly, this will be manifested in TFTP open timeouts. 
Change “next_server: 127.0.0.1” to “next_server: 10.10.10.222” 
Change “server: 127.0.0.1” to “server: 10.10.10.222” 
# set to 1 to enable Cobbler's DHCP management features. 
# the choice of DHCP management engine is in /etc/cobbler/modules.conf 
Change “manage_dhcp: 0” to “manage_dhcp: 1”


Change Cobbler's default password:


Change “default_password_crypted: "$1$mF86/UHC$WvcIcX2t6crBz2onWxyac."” to “default_password_crypted: "$1$wanwan$K9lP0CajD0pbFaxI0if84/"” 
Generate the crypted password: 
[root@cobbler ~]# openssl passwd -1 -salt 'wanwan' 'RedHat12345' 
$1$wanwan$K9lP0CajD0pbFaxI0if84/ 
[root@cobbler ~]# vim /etc/xinetd.d/tftp 
Change “disable                = yes” to “disable                = no”
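
An added example, not part of the original post: a small script that audits a settings file for the items 'cobbler check' flagged above. It also flags the two password hashes printed on this page, since a published hash means a publicly known root password on every machine installed from it. The function names and the sample file are constructed for illustration.

```bash
#!/usr/bin/env bash
# Added example, not from the original post: audit a Cobbler settings file
# for the values that 'cobbler check' complained about above.

# Hashes printed on this page: the stock sample and the tutorial's own example.
# Both are public, so a server using either has a publicly known root password.
PUBLISHED_HASHES='$1$mF86/UHC$WvcIcX2t6crBz2onWxyac.
$1$wanwan$K9lP0CajD0pbFaxI0if84/'

# Print the value of a top-level "key: value" line with surrounding quotes removed.
setting_value() {
    sed -n "s/^$1:[[:space:]]*//p" "$2" | head -n 1 |
        sed -e 's/[[:space:]]*$//' -e 's/^"\(.*\)"$/\1/' -e "s/^'\(.*\)'\$/\1/"
}

# Print one finding per line; return 0 when the file is clean, 1 otherwise.
audit_cobbler_settings() {
    local file="$1" rc=0 key value
    for key in server next_server; do
        value=$(setting_value "$key" "$file")
        case "$value" in
            ''|localhost|127.0.0.1)
                echo "$key: '$value' is not an address PXE clients can reach"
                rc=1 ;;
        esac
    done
    value=$(setting_value default_password_crypted "$file")
    if [ -z "$value" ]; then
        echo "default_password_crypted: not set"
        rc=1
    elif printf '%s\n' "$PUBLISHED_HASHES" | grep -qxF -e "$value"; then
        echo "default_password_crypted: published hash, generate your own"
        rc=1
    fi
    case "$value" in
        '$1$'*)
            echo "default_password_crypted: MD5-crypt (\$1\$), SHA-512 crypt (\$6\$) is stronger"
            rc=1 ;;
    esac
    return "$rc"
}

# Constructed sample: the settings as they look before the edits in this section.
demo_settings=$(mktemp)
cat > "$demo_settings" <<'EOF'
server: 127.0.0.1
next_server: 127.0.0.1
manage_dhcp: 0
default_password_crypted: "$1$mF86/UHC$WvcIcX2t6crBz2onWxyac."
EOF
audit_cobbler_settings "$demo_settings" ||
    echo "-> fix the items above, restart cobblerd, then run 'cobbler sync'"
rm -f "$demo_settings"
```

On a real server, call `audit_cobbler_settings /etc/cobbler/settings` after editing and before `cobbler sync`.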


Start and enable the rsync service:


[root@cobbler ~]# systemctl start rsyncd.service 
[root@cobbler ~]# systemctl enable rsyncd.service 
Created symlink from /etc/systemd/system/multi-user.target.wants/rsyncd.service to /usr/lib/systemd/system/rsyncd.service.


Download the Cobbler-related boot loader files:
[root@cobbler ~]# cobbler get-loaders 
task started: 2017-03-20_110931_get_loaders 
task started (id=Download Bootloader Content, time=Mon Mar 20 11:09:31 2017) 
downloading https://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
downloading https://cobbler.github.io/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo 
downloading https://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot 
downloading https://cobbler.github.io/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux 
downloading https://cobbler.github.io/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi 
downloading https://cobbler.github.io/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot
downloading https://cobbler.github.io/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0 
downloading https://cobbler.github.io/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32 
downloading https://cobbler.github.io/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi 
downloading https://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi 
*** TASK COMPLETE *** 
[root@cobbler ~]# systemctl restart cobblerd.service  
[root@cobbler ~]# cobbler check 
The following are potential configuration items that you may want to fix: 
1 : debmirror package is not installed, it will be required to manage debian deployments and repositories 
2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them 
[root@cobbler ~]# cd /etc/cobbler/ 
[root@cobbler cobbler]# ls 
auth.conf      dhcp.template          ldap            power          rsync.template      users.conf    zone_templates 
cheetah_macros  dnsmasq.template        modules.conf    pxe            secondary.template  users.digest 
cobbler_bash    import_rsync_whitelist  mongodb.conf    reporting      settings            version 
completions    iso                    named.template  rsync.exclude  tftpd.template      zone.template


3) Configure services


[root@cobbler cobbler]# vim dhcp.template  
subnet 10.10.10.0 netmask 255.255.255.0 { 
    option routers            10.10.10.2; 
    option domain-name-servers 10.10.10.2; 
    option subnet-mask        255.255.255.0; 
    range dynamic-bootp        10.10.10.100 10.10.10.200; 
    default-lease-time        21600; 
    max-lease-time            43200; 
    next-server                $next_server; 
    class "pxeclients" { 
          match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; 
          if option pxe-system-type = 00:02 { 
                  filename "ia64/elilo.efi"; 
          } else if option pxe-system-type = 00:06 { 
                  filename "grub/grub-x86.efi"; 
          } else if option pxe-system-type = 00:07 { 
                  filename "grub/grub-x86_64.efi"; 
          } else { 
                  filename "pxelinux.0"; 
          } 
    } 
}

Note: the main things to change are the subnet, DNS and gateway. 
[root@cobbler cobbler]# cobbler sync 
The DHCP configuration file managed by Cobbler: 
[root@cobbler cobbler]# egrep -v '^#|^$' /etc/dhcp/dhcpd.conf  
ddns-update-style interim; 
allow booting; 
allow bootp; 
ignore client-updates; 
set vendorclass = option vendor-class-identifier; 
option pxe-system-type code 93 = unsigned integer 16; 
subnet 10.10.10.0 netmask 255.255.255.0 { 
    option routers            10.10.10.2; 
    option domain-name-servers 10.10.10.2; 
    option subnet-mask        255.255.255.0; 
    range dynamic-bootp        10.10.10.100 10.10.10.200; 
    default-lease-time        21600; 
    max-lease-time            43200; 
    next-server                10.10.10.222; 
    class "pxeclients" { 
          match if substring (option vendor-class-identifier, 0, 9) = "PXEClient"; 
          if option pxe-system-type = 00:02 { 
                  filename "ia64/elilo.efi"; 
          } else if option pxe-system-type = 00:06 { 
                  filename "grub/grub-x86.efi"; 
          } else if option pxe-system-type = 00:07 { 
                  filename "grub/grub-x86_64.efi"; 
          } else { 
                  filename "pxelinux.0"; 
          } 
    } 
}
group { 
}


Mount the installation media and import it:
[root@cobbler ~]# mount /dev/cdrom /mnt 
mount: /dev/sr0 is write-protected, mounting read-only 
[root@cobbler ~]# df -h 
Filesystem          Size  Used Avail Use% Mounted on 
/dev/mapper/cl-root  50G  9.8G  41G  20% / 
devtmpfs            1.9G    0  1.9G  0% /dev
tmpfs                1.9G  144K  1.9G  1% /dev/shm
tmpfs                1.9G  9.0M  1.9G  1% /run
tmpfs                1.9G    0  1.9G  0% /sys/fs/cgroup
/dev/mapper/cl-home  46G  36M  46G  1% /home
/dev/sda1          1014M  175M  840M  18% /boot
tmpfs                378M  12K  378M  1% /run/user/0
/dev/sr0            4.1G  4.1G    0 100% /mnt
[root@cobbler ~]# cobbler import --path=/mnt --name=CentOS-7.3 --arch=x86_64 
task started: 2017-03-20_113200_import 
task started (id=Media import, time=Mon Mar 20 11:32:00 2017) 
Found a candidate signature: breed=redhat, version=rhel6 
Found a candidate signature: breed=redhat, version=rhel7 
Found a matching signature: breed=redhat, version=rhel7 
Adding distros from path /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64: 
creating new distro: CentOS-7.3-x86_64 
trying symlink: /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64 -> /var/www/cobbler/links/CentOS-7.3-x86_64 
creating new profile: CentOS-7.3-x86_64 
associating repos 
checking for rsync repo(s) 
checking for rhn repo(s) 
checking for yum repo(s) 
starting descent into /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64 for CentOS-7.3-x86_64 
processing repo at : /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64 
need to process repo/comps: /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64 
looking for /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64/repodata/*comps*.xml 
Keeping repodata as-is :/var/www/cobbler/ks_mirror/CentOS-7.3-x86_64/repodata
*** TASK COMPLETE ***


Note: images imported by Cobbler are stored in /var/www/cobbler/ks_mirror


[root@cobbler ks_mirror]# pwd 
/var/www/cobbler/ks_mirror
[root@cobbler ks_mirror]# ls 
CentOS-7.3-x86_64  config


Default location of kickstart files: /var/lib/cobbler/kickstarts/


[root@cobbler ~]# cd /var/lib/cobbler/kickstarts/ 
[root@cobbler kickstarts]# ll 
total 52 
-rw-r--r-- 1 root root  115 Nov 17 03:09 default.ks 
-rw-r--r-- 1 root root  22 Nov 17 03:09 esxi4-ks.cfg 
-rw-r--r-- 1 root root  22 Nov 17 03:09 esxi5-ks.cfg 
drwxr-xr-x 2 root root  56 Mar 20 10:39 install_profiles 
-rw-r--r-- 1 root root 1424 Nov 17 03:09 legacy.ks 
-rw-r--r-- 1 root root  292 Nov 17 03:09 pxerescue.ks 
-rw-r--r-- 1 root root 2916 Nov 17 03:09 sample_autoyast.xml 
-rw-r--r-- 1 root root 1825 Nov 17 03:09 sample_end.ks 
-rw-r--r-- 1 root root    0 Nov 17 03:09 sample_esx4.ks 
-rw-r--r-- 1 root root  324 Nov 17 03:09 sample_esxi4.ks 
-rw-r--r-- 1 root root  386 Nov 17 03:09 sample_esxi5.ks 
-rw-r--r-- 1 root root 1784 Nov 17 03:09 sample.ks 
-rw-r--r-- 1 root root 3419 Nov 17 03:09 sample_old.seed 
-rw-r--r-- 1 root root 5879 Nov 17 03:09 sample.seed 
[root@cobbler ~]# cobbler list 
distros: 
  CentOS-7.3-x86_64 
profiles: 
  CentOS-7.3-x86_64 
systems: 
repos: 
images: 
mgmtclasses: 
packages: 
files: 
[root@cobbler ~]# cobbler profile report 
Name                          : CentOS-7.3-x86_64 
TFTP Boot Files                : {} 
Comment                        :  
DHCP Tag                      : default 
Distribution                  : CentOS-7.3-x86_64 
Enable gPXE?                  : 0 
Enable PXE Menu?              : 1 
Fetchable Files                : {} 
Kernel Options                : {} 
Kernel Options (Post Install)  : {} 
Kickstart                      : /var/lib/cobbler/kickstarts/sample_end.ks 
Kickstart Metadata            : {} 
Management Classes            : [] 
Management Parameters          : <<inherit>>
Name Servers                  : [] 
Name Servers Search Path      : [] 
Owners                        : ['admin'] 
Parent Profile                :  
Internal proxy                :  
Red Hat Management Key        : <<inherit>>
Red Hat Management Server      : <<inherit>>
Repos                          : [] 
Server Override                : <<inherit>>
Template Files                : {} 
Virt Auto Boot                : 1 
Virt Bridge                    : xenbr0 
Virt CPUs                      : 1 
Virt Disk Driver Type          : raw 
Virt File Size(GB)            : 5 
Virt Path                      :  
Virt RAM (MB)                  : 512 
Virt Type                      : kvm


View the help for cobbler profile:
[root@cobbler ~]# cobbler profile edit --help 
Usage: cobbler [options] 
Options: 
  -h, --help            show this help message and exit
  --name=NAME          Name (Ex: F10-i386-webserver) 
  --uid=UID              
  --owners=OWNERS      Owners (Owners list for authz_ownership (space 
                        delimited)) 
  --distro=DISTRO      Distribution (Parent distribution) 
  --parent=PARENT      Parent Profile 
  --enable-gpxe=ENABLE_GPXE 
                        Enable gPXE? (Use gPXE instead of PXELINUX for
                        advanced booting options) 
  --enable-menu=ENABLE_MENU 
                        Enable PXE Menu? (Show this profile in the PXE menu?) 
  --kickstart=KICKSTART 
                        Kickstart (Path to kickstart template) 
  --kopts=KERNEL_OPTIONS 
                        Kernel Options (Ex: selinux=permissive) 
  --kopts-post=KERNEL_OPTIONS_POST 
                        Kernel Options (Post Install) (Ex: clocksource=pit 
                        noapic) 
  --ksmeta=KS_META      Kickstart Metadata (Ex: dog=fang agent=86) 
  --proxy=PROXY        Internal proxy (Internal proxy URL) 
  --repos=REPOS        Repos (Repos to auto-assign to this profile) 
  --comment=COMMENT    Comment (Free form text description) 
  --virt-auto-boot=VIRT_AUTO_BOOT 
                        Virt Auto Boot (Auto boot this VM?) 
  --virt-cpus=VIRT_CPUS 
                        Virt CPUs (integer) 
  --virt-file-size=VIRT_FILE_SIZE 
                        Virt File Size(GB) 
  --virt-disk-driver=VIRT_DISK_DRIVER 
                        Virt Disk Driver Type (The on-disk format for the 
                        virtualization disk) 
  --virt-ram=VIRT_RAM  Virt RAM (MB) 
  --depth=DEPTH          
  --virt-type=VIRT_TYPE 
                        Virt Type (Virtualization technology to use) (valid 
                        options: xenpv,xenfv,qemu,kvm,vmware,openvz,SETTINGS:d 
                        efault_virt_type) 
  --virt-path=VIRT_PATH 
                        Virt Path (Ex: /directory OR VolGroup00) 
  --virt-bridge=VIRT_BRIDGE 
                        Virt Bridge 
  --dhcp-tag=DHCP_TAG  DHCP Tag (See manpage or leave blank) 
  --server=SERVER      Server Override (See manpage or leave blank) 
  --ctime=CTIME          
  --mtime=MTIME          
  --name-servers=NAME_SERVERS 
                        Name Servers (space delimited) 
  --name-servers-search=NAME_SERVERS_SEARCH 
                        Name Servers Search Path (space delimited) 
  --mgmt-classes=MGMT_CLASSES 
                        Management Classes (For external configuration 
                        management) 
  --mgmt-parameters=MGMT_PARAMETERS 
                        Management Parameters (Parameters which will be handed 
                        to your management application (Must be valid YAML 
                        dictionary)) 
  --boot-files=BOOT_FILES 
                        TFTP Boot Files (Files copied into tftpboot beyond the 
                        kernel/initrd) 
  --fetchable-files=FETCHABLE_FILES 
                        Fetchable Files (Templates for tftp or wget/curl) 
  --template-files=TEMPLATE_FILES 
                        Template Files (File mappings for built-in config 
                        management) 
  --redhat-management-key=REDHAT_MANAGEMENT_KEY 
                        Red Hat Management Key (Registration key for RHN, 
                        Spacewalk, or Satellite) 
  --redhat-management-server=REDHAT_MANAGEMENT_SERVER 
                        Red Hat Management Server (Address of Spacewalk or 
                        Satellite Server) 
  --template-remote-kickstarts=TEMPLATE_REMOTE_KICKSTARTS 
  --clobber            allow add to overwrite existing objects 
  --in-place            edit items in kopts or ksmeta without clearing the 
                        other items


Change the kickstart file:


[root@cobbler ~]# cobbler profile edit --name=CentOS-7.3-x86_64 --kickstart=/var/lib/cobbler/kickstarts/CentOS-7.3-x86_64.cfg


Change the kernel options:


[root@cobbler ~]# cobbler profile edit --name=CentOS-7.3-x86_64 --kopts='net.ifnames=0 biosdevname=0' 
[root@cobbler ~]# cobbler profile report 
Name                          : CentOS-7.3-x86_64 
TFTP Boot Files                : {} 
Comment                        :  
DHCP Tag                      : default 
Distribution                  : CentOS-7.3-x86_64 
Enable gPXE?                  : 0 
Enable PXE Menu?              : 1 
Fetchable Files                : {} 
Kernel Options                : {'biosdevname': '0', 'net.ifnames': '0'} 
Kernel Options (Post Install)  : {} 
Kickstart                      : /var/lib/cobbler/kickstarts/CentOS-7.3-x86_64.cfg 
Kickstart Metadata            : {} 
Management Classes            : [] 
Management Parameters          : <<inherit>>
Name Servers                  : [] 
Name Servers Search Path      : [] 
Owners                        : ['admin'] 
Parent Profile                :  
Internal proxy                :  
Red Hat Management Key        : <<inherit>>
Red Hat Management Server      : <<inherit>>
Repos                          : [] 
Server Override                : <<inherit>>
Template Files                : {} 
Virt Auto Boot                : 1 
Virt Bridge                    : xenbr0 
Virt CPUs                      : 1 
Virt Disk Driver Type          : raw 
Virt File Size(GB)            : 5 
Virt Path                      :  
Virt RAM (MB)                  : 512 
Virt Type                      : kvm 
[root@cobbler ~]# cobbler sync 
task started: 2017-03-20_135014_sync 
task started (id=Sync, time=Mon Mar 20 13:50:14 2017) 
running pre-sync triggers 
cleaning trees 
removing: /var/www/cobbler/images/CentOS-7.3-x86_64 
removing: /var/lib/tftpboot/pxelinux.cfg/default
removing: /var/lib/tftpboot/grub/images
removing: /var/lib/tftpboot/grub/grub-x86.efi 
removing: /var/lib/tftpboot/grub/grub-x86_64.efi 
removing: /var/lib/tftpboot/grub/efidefault
removing: /var/lib/tftpboot/images/CentOS-7.3-x86_64 
removing: /var/lib/tftpboot/s390x/profile_list
copying bootloaders 
trying hardlink /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0 
copying: /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0 
trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32 
copying: /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32 
trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi 
trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi 
copying distros to tftpboot 
copying files for distro: CentOS-7.3-x86_64 
trying hardlink /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64/images/pxeboot/vmlinuz -> /var/lib/tftpboot/images/CentOS-7.3-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64/images/pxeboot/initrd.img -> /var/lib/tftpboot/images/CentOS-7.3-x86_64/initrd.img 
copying images 
generating PXE configuration files 
generating PXE menu structure 
copying files for distro: CentOS-7.3-x86_64 
trying hardlink /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64/images/pxeboot/vmlinuz -> /var/www/cobbler/images/CentOS-7.3-x86_64/vmlinuz
trying hardlink /var/www/cobbler/ks_mirror/CentOS-7.3-x86_64/images/pxeboot/initrd.img -> /var/www/cobbler/images/CentOS-7.3-x86_64/initrd.img 
Writing template files for CentOS-7.3-x86_64 
rendering DHCP files 
generating /etc/dhcp/dhcpd.conf 
rendering TFTPD files 
generating /etc/xinetd.d/tftp
processing boot_files for distro: CentOS-7.3-x86_64 
cleaning link caches 
running post-sync triggers 
running python triggers from /var/lib/cobbler/triggers/sync/post/* 
running python trigger cobbler.modules.sync_post_restart_services 
running: dhcpd -t -q 
received on stdout:  
received on stderr:  
running: service dhcpd restart 
received on stdout:  
received on stderr: Redirecting to /bin/systemctl restart  dhcpd.service 
running shell triggers from /var/lib/cobbler/triggers/sync/post/* 
running python triggers from /var/lib/cobbler/triggers/change/* 
running python trigger cobbler.modules.scm_track 
running shell triggers from /var/lib/cobbler/triggers/change/* 
*** TASK COMPLETE ***
