简介
Cobbler 可以用来快速建立 Linux 网络安装环境,不再需要使用光盘一台一台地安装 Linux,只要配置好PXE、DHCP、TFTP和 Kickstart 脚本,即可瞬间完成安装上百台服务器的任务
Cobbler特点:
1)Cobbler支持多种Linux操作系统得快速部署,对DHCP、HTTP、TFTP、Kiskstart、YUM仓库、电源等进行统一管理
2)Cobbler提供实现不同用户需求得可定制系统部署方案
3)Cobbler分别提供命令管理和Web界面管理、方便Cobbler管理员使用
前期准备
准备一台Centos7虚拟机,配置IP地址和hostname,关闭防火墙和selinux,同步系统时间
安装epel源
[root@localhost ~]# yum install epel-release -y
部署Cobbler
安装相关软件包
[root@localhost ~]# yum install -y cobbler cobbler-web tftp* rsync xinetd http* syslinux dhcp* pykickstart
#启动服务
[root@localhost ~]# systemctl start cobblerd
Cobbler配置
Cobbler检查
#根据检查结果进行修改
[root@localhost ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : The 'server' field in /etc/cobbler/settings must be set to something other than localhost, or kickstarting features will not work. This should be a resolvable hostname or IP for the boot server as reachable by all machines that will use it.
2 : For PXE to be functional, the 'next_server' field in /etc/cobbler/settings must be set to something other than 127.0.0.1, and should match the IP of the boot server on the PXE network.
3 : SELinux is enabled. Please review the following wiki page for details on ensuring cobbler works correctly in your SELinux environment:
https://github.com/cobbler/cobbler/wiki/Selinux
4 : change 'disable' to 'no' in /etc/xinetd.d/tftp
5 : Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.
6 : enable and start rsyncd.service with systemctl
7 : debmirror package is not installed, it will be required to manage debian deployments and repositories
8 : The default password used by the sample templates for newly installed machines (default_password_crypted in /etc/cobbler/settings) is still set to 'cobbler' and should be changed, try: "openssl passwd -1 -salt 'random-phrase-here' 'your-password-here'" to generate new one
9 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
处理错误1、2、8
#生成随机密码串
[root@localhost ~]# openssl passwd -1 -salt 'abcefghljkl' '123456789'
#123456789为机器登陆密码
#abcefghljkl为随意编写的字节干扰码
#修改配置文件
[root@localhost ~]# vi /etc/cobbler/settings
#改为本机ip
server: local_ip
next_server: local_ip
#设置新建机器的登陆密码串
default_password_crypted: "$1$abcefghl$Gibcsp93juzDkZImG.xAk0"
处理错误3
[root@localhost ~]# setenforce 0
处理错误4
[root@localhost ~]# vi /etc/xinetd.d/tftp
disable = no
处理错误6
[root@localhost ~]# systemctl start rsyncd
[root@localhost ~]# systemctl enable rsyncd
处理错误9
[root@localhost ~]# yum install -y fence-agents
重启服务
[root@localhost ~]# systemctl restart cobblerd
[root@localhost ~]# systemctl restart xinetd
挂载并导入镜像
[root@localhost ~]# mount /dev/cdrom /mnt
[root@localhost ~]# cobbler import --path=/mnt --name=Centos7-x86_64 --arch=x86_64
#查看导入情况
[root@localhost ~]# cobbler list
distros:
centos7-x86_64
profiles:
Centos7-x86_64
[root@localhost ~]# ls /var/www/cobbler/ks_mirror/
centos7 config
配置网络
配置dhcp服务
[root@localhost ~]# vi /etc/cobbler/dhcp.template
ddns-update-style interim;
allow booting;
allow bootp;
ignore client-updates;
set vendorclass = option vendor-class-identifier;
option pxe-system-type code 93 = unsigned integer 16;
#配置网段和子网掩码
subnet 192.168.29.0 netmask 255.255.255.0 {
#配置网关
option routers 192.168.29.2;
#配置DNS
option domain-name-servers 192.168.29.2;
#配置掩码
option subnet-mask 255.255.255.0;
#配置IP的范围
range dynamic-bootp 192.168.29.130 192.168.29.254;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
class "pxeclients" {
match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
if option pxe-system-type = 00:02 {
filename "ia64/elilo.efi";
} else if option pxe-system-type = 00:06 {
filename "grub/grub-x86.efi";
} else if option pxe-system-type = 00:07 {
filename "grub/grub-x86_64.efi";
} else if option pxe-system-type = 00:09 {
filename "grub/grub-x86_64.efi";
} else {
filename "pxelinux.0";
}
}
}
group {
host $iface.name {
option dhcp-client-identifier = $mac;
hardware ethernet $mac;
fixed-address $iface.ip_address;
option host-name "$iface.hostname";
option subnet-mask $iface.netmask;
option routers $iface.gateway;
if exists user-class and option user-class = "gPXE" {
filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner";
} else if exists user-class and option user-class = "iPXE" {
filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner";
} else {
filename "undionly.kpxe";
}
filename "$iface.filename";
next-server $next_server;
}
}
开启dhcp管理
[root@localhost ~]# vi /etc/cobbler/settings
manage_dhcp: 1
Cobbler服务配置
启动服务
[root@localhost ~]# systemctl restart httpd
[root@localhost ~]# systemctl restart dhcpd
[root@localhost ~]# systemctl restart cobblerd
同步cobbler配置并初始化
[root@localhost ~]# cobbler rsync
设定安装方案
自定义ks配置文件
[root@localhost ~]# vi /var/lib/cobbler/kickstarts/centos7.ks
# This kickstart file should only be used with EL > 5 and/or Fedora > 7.
# For older versions please use the sample.ks kickstart file.
#platform=x86, AMD64, or Intel EM64T
# System authorization information
auth --useshadow --enablemd5
# System bootloader configuration
bootloader --location=mbr
# Partition clearing information
clearpart --all --initlabel
# Use text mode install
text
# Firewall configuration
firewall --enabled
# Run the Setup Agent on first boot
firstboot --disable
# System keyboard
keyboard us
# System language
lang en_US
# Use network installation
url --url=http://local_ip/cobbler/ks_mirror/centos7
# If any cobbler repo definitions were referenced in the kickstart profile, include them here.
$yum_repo_stanza
# Network information
$SNIPPET('network_config')
# Reboot after installation
reboot
#Root password
rootpw --iscrypted $default_password_crypted
# SELinux configuration
selinux --disabled
# Do not configure the X Window System
skipx
# System timezone
timezone Asia/Shanghai --isUtc
# Install OS instead of upgrade
install
# Clear the Master Boot Record
zerombr
# Allow anaconda to partition the system as needed
part /boot --fstype="xfs" --size=500
part swap --fstype="swap" --size=4096
part pv.01 --size=10240
volgroup vg_uplooking pv.01
logvol / --vgname=vg_uplooking --size=10230 --name=lv_root
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
# Enable installation monitoring
$SNIPPET('pre_anamon')
%end
%packages
$SNIPPET('func_install_if_enabled')
@Development tools
@Compatibility libraries
%end
%post --nochroot
$SNIPPET('log_ks_post_nochroot')
%end
$yum_repo_stanza
# Network information
$SNIPPET('network_config')
# Reboot after installation
reboot
#Root password
rootpw --iscrypted $default_password_crypted
# SELinux configuration
selinux --disabled
# Do not configure the X Window System
skipx
# System timezone
timezone Asia/Shanghai --isUtc
# Install OS instead of upgrade
zerombr
# Disk partitioning information
part /boot --fstype="xfs" --size=500
part swap --fstype="swap" --size=4096
%post
$SNIPPET('log_ks_post')
# Start yum configuration
$yum_config_stanza
# End yum configuration
$SNIPPET('post_install_kernel_options')
$SNIPPET('post_install_network_config')
$SNIPPET('func_register_if_enabled')
$SNIPPET('download_config_files')
$SNIPPET('koan_environment')
$SNIPPET('redhat_register')
$SNIPPET('cobbler_register')
# Enable post-install boot notification
$SNIPPET('post_anamon')
# Start final steps
$SNIPPET('kickstart_done')
# End final steps
%end
自定义的ks文件指定成默认的安装方案
[root@localhost ~]# cobbler profile edit --name=Centos7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7.ks