Cobbler自动化安装Linux系统
Cobbler介绍
Cobbler称之为 网络安装服务器套件,可以通过网络启动(PXE)的方式来快速安装、重装物理服务器和虚拟机,同时还可以管理DHCP,DNS等。管理方式:可以使用命令行方式管理,也可以基于Web的界面管理工具(cobbler-web)管理,还可以通过API接口二次开发。
另外Cobbler是较早前的kickstart的升级版,优点是比较容易配置,还自带web界面比较易于管理。
Cobbler内置了一个轻量级配置管理系统,但它也支持和其它配置管理系统集成,如Puppet,暂时不支持SaltStack。
通过Cobbler配置模板可以管理 PXE服务、DHCP服务、DNS服务、电源管理、Kickstart服务支持、YUM仓库、TFTP(PXE启动时需要),通过Apache(提供kickstart的安装源,并提供定制化的kickstart配置)进行网络自动化安装系统
安装cobbler
安装环境centos-6.8-x86_64
在安装之前先配置epel源,同时yum安装python-simplejson和Django14-1.4.14-1.el6.noarch.rpm(如果centos6不安装Django,会在安装cobbler-web出错)。
具体步骤如下
[root@cobbler01-32 ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-6.repo
--2019-11-16 04:45:36-- http://mirrors.aliyun.com/repo/epel-6.repo
Resolving mirrors.aliyun.com... 183.2.199.238, 183.2.199.237, 183.60.228.240, ...
Connecting to mirrors.aliyun.com|183.2.199.238|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 664 [application/octet-stream]
Saving to: “/etc/yum.repos.d/epel.repo”
100%[=======================================================================>] 664 --.-K/s in 0s
2019-11-16 04:45:42 (27.5 MB/s) - “/etc/yum.repos.d/epel.repo” saved [664/664]
[root@cobbler01-32 ~]# yum install -y python-simplejson
Loaded plugins: fastestmirror, security
Setting up Install Process
Determining fastest mirrors
……………………
Installed:
python-simplejson.x86_64 0:2.0.9-3.1.el6
Complete!
[root@cobbler01-32 ~]# wget https://kojipkgs.fedoraproject.org//packages/Django14/1.4.14/1.el6/noarch/Django14-1.4.14-1.el6.noarch.rpm ##下载Django
[root@cobbler01-32 ~]# rpm -ivh Django14-1.4.14-1.el6.noarch.rpm
Preparing... ########################################### [100%]
1:Django14 ########################################### [100%]
Yum安装cobbler cobbler-web dhcp tftp-server pykickstart httpd
[root@cobbler01-32 ~]# yum -y install cobbler cobbler-web dhcp tftp-server pykickstart httpd
Loaded plugins: fastestmirror, security
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: mirrors.aliyun.com
* extras: mirrors.aliyun.com
* updates: mirrors.aliyun.com
Resolving Dependencies
--> Running transaction check
---> Package cobbler.x86_64 0:2.6.11-7.git95749a6.el6 will be installed
……………………
Complete!
备份cobbler配置文件(很重要)
[root@cobbler01-32 ~]# mkdir /home/jack/etc-backup
[root@cobbler01-32 ~]# cp /etc/cobbler/settings /home/jack/etc-backup/
修改配置文件
[root@cobbler01-32 ~]# sed -i '/^server/s#127.0.0.1#10.1.1.32#g' /etc/cobbler/settings
server: 10.1.1.32 :#这是cobbler服务器的地址——因为系统在安装过程中使用它,所以它必须是系统的地址或主机名,因为这些系统可以看到服务器。如果您的服务器对不同的子网(双主网等)显示不同,则需要阅读手册页中的–server override部分了解其工作原理。
[root@cobbler01-32 ~]# sed -i '/^next_server/s#127.0.0.1#10.1.1.32#g' /etc/cobbler/settings
next_server: 10.1.1.32 :#如果将cobbler与manage_dhcp一起使用,请将cobbler服务器的IP地址放在此处,以便如果设置不正确,PXE引导来宾可以找到它,这将显示在TFTP打开超时中。
[root@cobbler01-32 ~]# openssl passwd -1 -salt '11111' 'qaz123' #生成密码
$1$11111$YbqEYPNSDxqVczNWAS5XI1
[root@cobbler01-32 ~]# sed -ri '/default_pass/s#^(.*):.*$#\1: "$1$11111$YbqEYPNSDxqVczNWAS5XI1"#g' /etc/cobbler/settings
default_password_crypted:#cobbler在/var/lib/cobbler/kickstarts/中存储了各种kickstart模板示例。这控制为引用此变量的系统设置的安装(根)密码。工厂默认为“cobbler”,如果没有更改,cobbler check将发出警告。更改密码的最简单方法是运行openssl passwd-1并将输出放在下面的“”之间。
[root@cobbler01-32 ~]# sed -i '/^manage_dhcp/s#0#1#g' /etc/cobbler/settings
Manage_dhcp 1:#设置为1以启用Cobbler的DHCP管理功能。DHCP管理引擎的选择在/etc/Cobbler/modules.conf中
[root@cobbler01-32 ~]# sed -i '/^pxe_just/s#0#1#g' /etc/cobbler/settings
pxe_just_once 1:如果将此设置设置为1,则pxe引导的cobbler系统将在安装结束时请求在cobbler系统记录中切换启用了–netboot的记录。如果系统按BIOS顺序设置为PXEfirst,这就消除了PXE启动循环的可能性。如果您的BIOS引导顺序中的第一个是PXE,则启用此选项,否则保持禁用状态。请参阅手册页中的–netboot enabled。
修改/etc/xinetd.d/rsync和tftp这两个文件如下
[root@cobbler01-32 ~]# sed -i '6s#yes#no#g' /etc/xinetd.d/rsync
[root@cobbler01-32 ~]# cat -n /etc/xinetd.d/rsync
1 # default: off
2 # description: The rsync server is a good addition to an ftp server, as it \
3 # allows crc checksumming etc.
4 service rsync
5 {
6 disable = no ##默认是yes,就是不开启的意思,no是开启
7 flags = IPv6
8 socket_type = stream
9 wait = no
10 user = root
11 server = /usr/bin/rsync
12 server_args = --daemon
13 log_on_failure += USERID
14 }
[root@cobbler01-32 ~]# sed -i '14s#yes#no#g' /etc/xinetd.d/tftp
[root@cobbler01-32 ~]# cat -n /etc/xinetd.d/tftp
1 # default: off
2 # description: The tftp server serves files using the trivial file transfer \
3 # protocol. The tftp protocol is often used to boot diskless \
4 # workstations, download configuration files to network-aware printers, \
5 # and to start the installation process for some operating systems.
6 service tftp
7 {
8 socket_type = dgram
9 protocol = udp
10 wait = yes
11 user = root
12 server = /usr/sbin/in.tftpd
13 server_args = -s /var/lib/tftpboot
14 disable = no ##默认是yes,就是不开启的意思,no是开启
15 per_source = 11
16 cps = 100 2
17 flags = IPv4
18 }
修改cobbler对应dhcp的模板文件/etc/cobbler/dhcp.template
[root@cobbler01-32 ~]# sed -i '21s#192.168.1.0#10.1.1.0#g' /etc/cobbler/dhcp.template
[root@cobbler01-32 ~]# sed -i '22s#192.168.1.5#10.1.1.2#g' /etc/cobbler/dhcp.template
[root@cobbler01-32 ~]# sed -i '22s#192.168.1.1#10.1.1.2#g' /etc/cobbler/dhcp.template
[root@cobbler01-32 ~]# sed -i '23s#192.168.1.1#10.1.1.2#g' /etc/cobbler/dhcp.template
[root@cobbler01-32 ~]# sed -i '25s#192.168.1.100 192.168.1.254#10.1.1.120 10.1.1.130#g' /etc/cobbler/dhcp.template
[root@cobbler01-32 ~]# head -30 /etc/cobbler/dhcp.template|tail -10
subnet 10.1.1.0 netmask 255.255.255.0 {
option routers 10.1.1.2;
option domain-name-servers 10.1.1.2;
option subnet-mask 255.255.255.0;
range dynamic-bootp 10.1.1.120 10.1.1.130;
default-lease-time 21600;
max-lease-time 43200;
next-server $next_server;
class "pxeclients" {
match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";
[root@cobbler01-32 ~]# cobbler sync ##先同步配置
[root@cobbler01-32 ~]# /etc/init.d/dhcpd start ##在启动dhcp服务,否则失败
同步网络引导加载程序。(/var/lib/cobbler/loaders中缺少一些网络引导加载程序,您可以运行“cobbler get loaders”下载它们,或者,如果您只想处理x86/x86_64上网本,则可以确保安装了最新版本的syslinux包,并且可以完全忽略此消息。如果您想支持所有体系结构,这个目录中的文件应该包括pxelinux.0、menu.c32、elilo.efi和yaboot。“cobbler get loaders”命令是解决这些需求的最简单方法)
[root@cobbler01-32 ~]# cobbler get-loaders
task started: 2019-11-16_062001_get_loaders
task started (id=Download Bootloader Content, time=Sat Nov 16 06:20:01 2019)
downloading http://cobbler.github.io/loaders/README to /var/lib/cobbler/loaders/README
downloading http://cobbler.github.io/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo
downloading http://cobbler.github.io/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot
downloading http://cobbler.github.io/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux
downloading http://cobbler.github.io/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi
downloading http://cobbler.github.io/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot
downloading http://cobbler.github.io/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0
downloading http://cobbler.github.io/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32
downloading http://cobbler.github.io/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi
downloading http://cobbler.github.io/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi
*** TASK COMPLETE ***
查看cobbler配置情况(如果剩下下面两个问题可以忽略,也就是说你配置好了配置文件这一块)
[root@cobbler01-32 ~]# cobbler check
The following are potential configuration items that you may want to fix:
1 : debmirror package is not installed, it will be required to manage debian deployments and repositories
2 : fencing tools were not found, and are required to use the (optional) power management features. install cman or fence-agents to use them
Restart cobblerd and then run 'cobbler sync' to apply changes.
Cobbler命令行介绍
三个模版:distro 发行版 profile:配置 system:系统选项
[root@cobbler01-32 ~]# cobbler
usage=====
cobbler <distro|profile|system|repo|image|mgmtclass|package|file> ...
[add|edit|copy|getks*|list|remove|rename|report] [options|--help]
cobbler <aclsetup|buildiso|import|list|replicate|report|reposync|sync|validateks|version|signature|get-loaders|hardlink> [options|--help]
cobbler check 核对当前设置是否有问题
cobbler list 列出所有的cobbler元素
cobbler report 列出元素的详细信息
cobbler sync 同步配置到数据目录,更改配置最好都要执行下
cobbler reposync 同步yum仓库
cobbler distro 查看导入的发行版系统信息
cobbler system 查看添加的系统信息
cobbler profile 查看配置信息
[root@cobbler01-32 ~]# cobbler distro/profile/system/repo/import
usage=====
cobbler distro add :添加发行版
cobbler distro copy :复制发行版
cobbler distro edit :编辑发行版
cobbler distro find :查找发行版
cobbler distro list :查看所有的发行版
cobbler distro remove :删除
cobbler distro rename :按名称删除发行版
cobbler distro report :查看发行版信息
还有好多不一一介绍
导入centos6.8镜像文件
[root@cobbler01-32 ~]# cobbler import --path=/mnt/ --name=centos-6.8-x86_64 --arch=x86_64
task started: 2019-11-16_064240_import
task started (id=Media import, time=Sat Nov 16 06:42:40 2019)
Found a candidate signature: breed=redhat, version=rhel6
Found a matching signature: breed=redhat, version=rhel6
Adding distros from path /var/www/cobbler/ks_mirror/centos-6.8-x86_64:
creating new distro: centos-6.8-x86_64
trying symlink: /var/www/cobbler/ks_mirror/centos-6.8-x86_64 -> /var/www/cobbler/links/centos-6.8-x86_64
creating new profile: centos-6.8-x86_64
associating repos
checking for rsync repo(s)
checking for rhn repo(s)
checking for yum repo(s)
starting descent into /var/www/cobbler/ks_mirror/centos-6.8-x86_64 for centos-6.8-x86_64
processing repo at : /var/www/cobbler/ks_mirror/centos-6.8-x86_64
need to process repo/comps: /var/www/cobbler/ks_mirror/centos-6.8-x86_64
looking for /var/www/cobbler/ks_mirror/centos-6.8-x86_64/repodata/*comps*.xml
Keeping repodata as-is :/var/www/cobbler/ks_mirror/centos-6.8-x86_64/repodata
*** TASK COMPLETE ***
##import:导入的意思
##–path:指定镜像文件挂载路径
##–name:给导入的镜像文件取个名。Distro中—name和profile中—name指的意思不一样,可以单独存在
##–arch:镜像文件架构模式常见32位和64位
修改新安装服务器的网卡接口为默认名eth0
[root@cobbler01-32 ~]# cobbler profile edit --name= centos-6.8-x86_64 --kopts='net.ifnames=0 biosdevname=0'
[root@cobbler01-32 ~]# touch /var/lib/cobbler/kickstarts/centos6.8-ks.cfg
给CentOS-6.8-x86_64镜像指定ks.cfg应答文件
[root@cobbler01-32 ~]# cobbler profile edit --name= centos-6.8-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos6.8-ks.cfg
cobbler list
定制化安装
[root@cobbler01-32 ~]# cobbler system add --name=centos6.8-jack --mac=00:50:56:28:32:E0 --profile=centos-6.8-x86_64 --ip-address=10.1.1.101 --subnet=255.255.255.0 --gateway=10.1.1.2 --interface=eth0 --static=1 --hostname=jack-cobbler --name-servers="114.114.114.114 8.8.8.8"
[root@cobbler01-32 ~]# vim /var/lib/cobbler/kickstarts/centos6.8-ks.cfg
配置完成后记得同步cobbler配置和重启服务
cobbler sync
/etc/init.d/xinetd restart
/etc/init.d/httpd restart
/etc/init.d/dhcpd restart
/etc/init.d/cobblerd restart
Centos7的kickstart文件
[root@linux-node1 kickstarts]# cat centos6.8-ks.cfg
#Cobbler for Kickstart Configurator for CentOS 7.1
install
url --url=$tree # 这些$开头的变量都是调用配置文件里的值。
text
lang en_US.UTF-8
keyboard us
zerombr
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
#Network information
$SNIPPET('network_config')
timezone --utc Asia/Shanghai
authconfig --enableshadow --passalgo=sha512
rootpw --iscrypted $default_password_crypted
clearpart --all --initlabel
part /boot --fstype xfs --size 1024 # CentOS7系统磁盘默认格式xfs
part swap --size 1024
part / --fstype xfs --size 1 --grow
firstboot --disable
selinux --disabled
firewall --disabled
logging --level=info
reboot
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
#Enable installation monitoring
$SNIPPET('pre_anamon')
%end
%packages
@base
@compat-libraries
@debugging
@development
tree
nmap
sysstat
lrzsz
dos2unix
telnet
iptraf
ncurses-devel
openssl-devel
zlib-devel
OpenIPMI-tools
screen
%end
%post
systemctl disable postfix.service
%end
Centos7的kickstart文件
[root@linux-node1 ~]# vim /var/www/html/ks_config/CentOS-7.1-ks.cfg
#Kickstart Configurator for CentOS 6.7
install
url --url=$tree
text
lang en_US.UTF-8
keyboard us
zerombr
bootloader --location=mbr --driveorder=sda --append="crashkernel=auto rhgb quiet"
$SNIPPET('network_config')
timezone --utc Asia/Shanghai
authconfig --enableshadow --passalgo=sha512
rootpw --iscrypted $default_password_crypted
clearpart --all --initlabel
part /boot --fstype=ext4 --asprimary --size=200
part swap --size=1024
part / --fstype=ext4 --grow --asprimary --size=200
firstboot --disable
selinux --disabled
firewall --disabled
logging --level=info
reboot
%pre
$SNIPPET('log_ks_pre')
$SNIPPET('kickstart_start')
$SNIPPET('pre_install_network_config')
$SNIPPET('pre_anamon')
%end
%packages
@base
@compat-libraries
@debugging
@development
tree
nmap
sysstat
lrzsz
dos2unix
telnet
iptraf
ncurses-devel
openssl-devel
zlib-devel
OpenIPMI-tools
screen
%end