一、Cobbler(直译为补鞋匠)
使用 Cobbler,您无需进行人工干预即可安装机器。Cobbler 设置一个 PXE 引导环境(它还可使用 yaboot 支持 PowerPC),并控制与安装相关的所有方面,比如网络引导服务(DHCP 和 TFTP)与存储库镜像。当希望安装一台新机器时,Cobbler 可以:
1.使用一个以前定义的模板来配置 DHCP 服务(如果启用了管理 DHCP) 2.将一个存储库(yum 或 rsync)建立镜像或解压缩一个媒介,以注册一个新操作系统 3.在 DHCP 配置文件中为需要安装的机器创建一个条目,并使用您指定的参数(IP 和 MAC 地址) 4.在 TFTFP 服务目录下创建适当的 PXE 文件 5.重新启动 DHCP 服务以反映更改 6.重新启动机器以开始安装(如果电源管理已启用)
Cobbler 支持众多的发行版:Red Hat、Fedora、CentOS、Debian、Ubuntu 和 SuSE。当添加一个操作系统(通常通过使用 ISO 文件)时,Cobbler 知道如何解压缩合适的文件并调整网络服务,以正确引导机器。
Cobbler 使用命令行方式管理,也提供了基于Web的图形化配置管理工具(cobbler-web)。
通过配置cobbler自动部署DHCP、TFTP、HTTP,在安装过程中加载kiskstart无人值守安装应答文件实现无人值守。从客户端使用PXE引导启动安装。
二、安装EPEL源
# wget http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm # rpm -ivh epel-release-latest-7.noarch.rpm # yum repolist ##检查是否已添加至源列表
三、关闭SELinux和防火墙
a、临时关闭(不用重启机器):
# setenforce 0 ##设置SELinux 成为permissive模式 (关闭SELinux) # setenforce 1 ##设置SELinux 成为enforcing模式 (开启SELinux)
b、修改配置文件需要重启机器:
# vi /etc/selinux/config
将SELINUX=enforcing 改为SELINUX=disabled(需重启机器)
c、可自己做策略开放相应端口,这里我直接关闭:
# systemctl status firewalld.service ##查看防火墙状态 # systemctl stop firewalld.service ##关闭防火墙
四、cobbler安装配置
①安装
# yum install cobbler cobbler-web ##安装cobbler和其web管理工具 为依赖而安装: PyYAML libyaml mod_ssl mod_wsgi python-cheetah python-django python-django-bash-completion python-markdown python-netaddr python-pillow python-pygments python-simplejson tftp-server xinetd # yum install dhcp httpd rsync # yum install fence-agents ##执行电源管理活动的代理包
②配置
配置http服务器
# vi /etc/httpd/conf/httpd.conf ServerName 127.0.0.1:80 # systemctl start httpd.service
2.配置tftp
# vi /etc/xinetd.d/tftp disable = no # systemctl start xinetd.service
3.配置cobbler主配置文件
# vi /etc/cobbler/settings 242 manage_dhcp: 1 ##开启DHCP可管理状态 258 manage_tftpd: 1 ##开启tftp管理 261 manage_rsync: 1 ##开启rsync管理 272 next_server:192.168.10.128 ##和cobbler服务器通过http和tftp等协议链接的IP 292 pxe_just_once: 1 ##PXE安装 只允许一次,防止误操作 358 restart_dns: 1 359 restart_dhcp: 1 384 server: 192.168.10.128 ##DHCP/PXE网络引导文件被下载的TFTP服务器的IP
4.配置cobbler可管理服务
# vi /etc/cobbler/modules.conf [authentication] module = authn_configfile [authorization] module = authz_allowall [dns] module = manage_bind [dhcp] module = manage_isc [tftpd] module = manage_in_tftpd
5.生成密钥和配置默认密钥
使用方法:openssl passwd -1 -salt '任意字符' '密码' # openssl passwd -1 -salt 'cobbler' '12345' $1$cobbler$yheL/tcotyNfj2/ieNTcF.
# vi /etc/cobbler/settings 101 default_password_crypted: "$1$cobbler$yheL/tcotyNfj2/ieNTcF." ##安装完系统root密码
6.DHCP配置
# vi /etc/cobbler/dhcp.template ##修改DHCP模板使其分配的地址和Cobbler在同一网段 subnet 192.168.10.0 netmask 255.255.255.0 { ##修改网段 option routers 192.168.10.2; ##修改路由 option domain-name-servers 114.114.114.114; ##域名服务器地址 option subnet-mask 255.255.255.0; ##子网掩码 range dynamic-bootp 192.168.10.111 192.168.10.222; ##可租用地址范围 default-lease-time 21600; ##默认租约时间 max-lease-time 43200; ##最大租约时间 next-server $next_server; ##指定引导服务器 }
7.启动服务并检查
# systemctl start cobblerd.service ##启动cobbler# systemctl enable cobblerd.service# systemctl status cobblerd.service cobblerd.service - Cobbler Helper Daemon Loaded: loaded (/usr/lib/systemd/system/cobblerd.service; enabled) Active: inactive (dead) since 五 2015-09-18 10:28:32 CST; 3s ago Process: 46405 ExecStartPost=/usr/bin/touch /usr/share/cobbler/web/cobbler.wsgi (code=exited, status=0/SUCCESS) Process: 46404 ExecStart=/usr/bin/cobblerd -F (code=exited, status=0/SUCCESS) Main PID: 46404 (code=exited, status=0/SUCCESS)
# cobbler check ##进行检查,按照提示操作 The following are potential configuration items that you may want to fix: 1 : some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely. Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements. 2 : file /etc/xinetd.d/rsync does not exist 3 : debmirror package is not installed, it will be required to manage debian deployments and repositories Restart cobblerd and then run 'cobbler sync' to apply changes.
# cobbler get-loaders ##根据提示下载相关文件 task started: 2015-09-18_121450_get_loaders task started (id=Download Bootloader Content, time=Fri Sep 18 12:14:50 2015) downloading http://cobbler.github.com/loaders/README to /var/lib/cobbler/loaders/README downloading http://cobbler.github.com/loaders/COPYING.elilo to /var/lib/cobbler/loaders/COPYING.elilo downloading http://cobbler.github.com/loaders/COPYING.yaboot to /var/lib/cobbler/loaders/COPYING.yaboot downloading http://cobbler.github.com/loaders/COPYING.syslinux to /var/lib/cobbler/loaders/COPYING.syslinux downloading http://cobbler.github.com/loaders/elilo-3.8-ia64.efi to /var/lib/cobbler/loaders/elilo-ia64.efi downloading http://cobbler.github.com/loaders/yaboot-1.3.17 to /var/lib/cobbler/loaders/yaboot downloading http://cobbler.github.com/loaders/pxelinux.0-3.86 to /var/lib/cobbler/loaders/pxelinux.0 downloading http://cobbler.github.com/loaders/menu.c32-3.86 to /var/lib/cobbler/loaders/menu.c32 downloading http://cobbler.github.com/loaders/grub-0.97-x86.efi to /var/lib/cobbler/loaders/grub-x86.efi downloading http://cobbler.github.com/loaders/grub-0.97-x86_64.efi to /var/lib/cobbler/loaders/grub-x86_64.efi *** TASK COMPLETE ***
# cobbler sync ##执行同步 task started: 2015-09-18_122051_sync task started (id=Sync, time=Fri Sep 18 12:20:51 2015) running pre-sync triggers cleaning trees removing: /var/lib/tftpboot/grub/images copying bootloaders trying hardlink /var/lib/cobbler/loaders/pxelinux.0 -> /var/lib/tftpboot/pxelinux.0 trying hardlink /var/lib/cobbler/loaders/menu.c32 -> /var/lib/tftpboot/menu.c32 trying hardlink /var/lib/cobbler/loaders/yaboot -> /var/lib/tftpboot/yaboot trying hardlink /var/lib/cobbler/loaders/grub-x86.efi -> /var/lib/tftpboot/grub/grub-x86.efi trying hardlink /var/lib/cobbler/loaders/grub-x86_64.efi -> /var/lib/tftpboot/grub/grub-x86_64.efi copying distros to tftpboot copying images generating PXE configuration files generating PXE menu structure rendering DHCP files generating /etc/dhcp/dhcpd.conf rendering TFTPD files generating /etc/xinetd.d/tftp cleaning link caches rendering Rsync files running post-sync triggers running python triggers from /var/lib/cobbler/triggers/sync/post/* running python trigger cobbler.modules.sync_post_restart_services running: dhcpd -t -q received on stdout: received on stderr: running: service dhcpd restart received on stdout: received on stderr: Redirecting to /bin/systemctl restart dhcpd.service running shell triggers from /var/lib/cobbler/triggers/sync/post/* running python triggers from /var/lib/cobbler/triggers/change/* running python trigger cobbler.modules.scm_track running shell triggers from /var/lib/cobbler/triggers/change/* *** TASK COMPLETE ***
五、挂载镜像并执行导入cobbler
①挂载并导入
# mkdir /mnt/cdrom # mount -t auto /dev/cdrom /mnt/cdrom # cobbler import --name=centos7 --arch=x86_64 --path=/mnt/cdrom ##可以不指定"--",耐心等待 task started: 2015-09-18_134401_import task started (id=Media import, time=Fri Sep 18 13:44:01 2015) Found a candidate signature: breed=redhat, version=rhel6 Found a candidate signature: breed=redhat, version=rhel7 Found a matching signature: breed=redhat, version=rhel7 Adding distros from path /var/www/cobbler/ks_mirror/centos7-x86_64: creating new distro: centos7-x86_64 trying symlink: /var/www/cobbler/ks_mirror/centos7-x86_64 -> /var/www/cobbler/links/centos7-x86_64 creating new profile: centos7-x86_64 associating repos checking for rsync repo(s) checking for rhn repo(s) checking for yum repo(s) starting descent into /var/www/cobbler/ks_mirror/centos7-x86_64 for centos7-x86_64 processing repo at : /var/www/cobbler/ks_mirror/centos7-x86_64 need to process repo/comps: /var/www/cobbler/ks_mirror/centos7-x86_64 looking for /var/www/cobbler/ks_mirror/centos7-x86_64/repodata/*comps*.xml Keeping repodata as-is :/var/www/cobbler/ks_mirror/centos7-x86_64/repodata *** TASK COMPLETE ***
②查看导入源库列表
# cobbler distro list centos7-x86_64 # cobbler profile list centos7-x86_64 # cobbler distro report ##显示具体细节 Name : centos7-x86_64 Architecture : x86_64 TFTP Boot Files : {} Breed : redhat Comment : Fetchable Files : {} Initrd : /var/www/cobbler/ks_mirror/centos7-x86_64/images/pxeboot/initrd.img Kernel : /var/www/cobbler/ks_mirror/centos7-x86_64/images/pxeboot/vmlinuz Kernel Options : {} Kernel Options (Post Install) : {} Kickstart Metadata : {'tree': 'http://@@http_server@@/cblr/links/centos7-x86_64'} Management Classes : [] OS Version : rhel7 Owners : ['admin'] Red Hat Management Key : <<inherit>> Red Hat Management Server : <<inherit>> Template Files : {}
六、测试
测试中出现问题:
PXE-E32:TFTP open timeout
PXE-M0F:Exiting Inter PXE ROM
operating system not found
原因:iptables未关闭
安装成功
最小化安装的centos无法使用ifconfig命令,使用ip addr查看DHCP分配地址
客户端登录并使用命令yum install net-tools安装软件包即可使用ifconfig
七、修改profile指定新的KS启动文件
在第一次导入系统镜像时,cobbler会给安装镜像指定一个默认的kickstart自动安装文件,
文件位于/var/lib/cobbler/kickstarts/sample.ks
# cobbler profile list ##查看profile列表 # cobbler profile report --name centos7-x86_64 ##查看具体profile设置 # cobbler distro report --name centos7-x86_64 ##查看安装镜像文件信息 # cobbler profile remove --name=centos7-x86_64 ##移除profile(可不移除,但需在被安装 主机上进行选择) # cobbler profile add --name=centos7-1503 --distro=centos7-x86_64 --kickstart=/var/lib/cobbler/kickstarts/centos7-1503.ks ##添加profile # cobbler sync ##进行同步
kiskstart自动安装文件可使用图形界面工具system-config-kickstart生成
# yum install system-config-kickstart # yum groupinstall "X Window System" ##安装X Window图形界面 # system-config-kickstart ##运行工具进行配置
这里我根据本机的/root/anaconda-ks.cfg文件进行相应更改来制作ks文件
直接更改/var/lib/cobbler/kickstarts下的sample.ks和sample_end.ks文件.
# vi /var/lib/cobbler/kickstarts/sample.ks # vi /var/lib/cobbler/kickstarts/sample_end.ks ##两个文件更改、添加如下 # System language ##更改系统语言 lang zh_CN.UTF-8 # System timezone ##更改系统时间 timezone Asia/Shanghai --isUtc # X Window System configuration information ##安装X Window图形界面 xconfig --startxonboot %packages ##安装相关包 @base @core @desktop-debugging @dial-up @fonts @gnome-desktop @guest-agents @guest-desktop-agents @input-methods @internet-browser @multimedia @print-client @x11 %end # cobbler sync ##同步
命令:cobbler profile add|edit|remove --name=安装引导名 --distro=系统镜像名
--kickstart=kickstart自动安装文件路径
参数说明:
--name:自定义的安装引导名,注意不能重复
--distro:系统安装镜像名,用cobbler distro list可以查看
--kickstart:与系统镜像文件相关联的kickstart自动安装文件(此文件必须预先准备好)
# cobbler list ##查看cobbler列表 # cobbler report # cobbler profile ##profile命令列表 # cobbler profile list ##profile文件列表 # cobbler distro list ##查看导入列表 # cobbler system add
更多命令参数可执行cobbler --help查看
为cobbler添加RPM仓库:
# cobbler repo add --mirror=http://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rp --name=epel7 --arch=x86_64 --breed=yum ##添加EPEL源 # cobbler reposync ##同步源
八、使用Cobbler-web
浏览器中输入:https://IP/cobbler_web即可进入
Cobbler-web有多种认证方式(默认authn_configfile模块认证):
# vi /etc/cobbler/modules.conf [authentication] module = authn_configfile ##认证方式
用户名和密码存放处(默认用户名和密码为cobbler):
# vi /etc/cobbler/users.digest cobbler:Cobbler:a2d6bae81669d707b72c0bd9806e01f3 ##用户名和密码
这样就可以使用Web来部署了
问题:如使用cobbler check检查或cobbler sync同步出现如下问题:
# cobbler check # cobbler sync httpd does not appear to be running and proxying cobbler, or SELinux is in the way. Original traceback: Traceback (most recent call last): File "/usr/lib/python2.7/site-packages/cobbler/cli.py", line 252, in check_setup s.ping() File "/usr/lib64/python2.7/xmlrpclib.py", line 1224, in __call__ return self.__send(self.__name, args) File "/usr/lib64/python2.7/xmlrpclib.py", line 1578, in __request verbose=self.__verbose File "/usr/lib64/python2.7/xmlrpclib.py", line 1264, in request return self.single_request(host, handler, request_body, verbose) File "/usr/lib64/python2.7/xmlrpclib.py", line 1292, in single_request self.send_content(h, request_body) File "/usr/lib64/python2.7/xmlrpclib.py", line 1439, in send_content connection.endheaders(request_body) File "/usr/lib64/python2.7/httplib.py", line 969, in endheaders self._send_output(message_body) File "/usr/lib64/python2.7/httplib.py", line 829, in _send_output self.send(msg) File "/usr/lib64/python2.7/httplib.py", line 791, in send self.connect() File "/usr/lib64/python2.7/httplib.py", line 772, in connect self.timeout, self.source_address) File "/usr/lib64/python2.7/socket.py", line 571, in create_connection raise err error: [Errno 111] Connection refused
解决方法:
# systemctl start httpd.service # systemctl start xinetd.service
未启动http服务和xinetd服务;SELinux或防火墙问题。
附1:Cobbler目录说明
①Cobbler配置文件目录:/etc/cobbler /etc/cobbler/settings ##cobbler主配置文件 /etc/cobbler/dhcp.template ##DHCP服务的配置模板 /etc/cobbler/tftpd.template ##tftp服务的配置模板 /etc/cobbler/rsync.template ##rsync服务的配置模板 /etc/cobbler/iso ##iso模板配置文件 /etc/cobbler/pxe ##pxe模板文件 /etc/cobbler/power ##电源的配置文件 /etc/cobbler/users.conf ##Web服务授权配置文件 /etc/cobbler/users.digest ##用于web访问的用户名密码配置文件 /etc/cobbler/dnsmasq.template ##DNS服务的配置模板 /etc/cobbler/modules.conf ##Cobbler模块配置文件
②Cobbler数据目录:/var/lib/cobbler /var/lib/cobbler/config ##配置文件 /var/lib/cobbler/triggers ##Cobbler命令 /var/lib/cobbler/kickstarts ##默认存放kickstart文件 /var/lib/cobbler/loaders ##存放的各种引导程序
③系统安装镜像目录:/var/www/cobbler /var/www/cobbler/ks_mirror ##导入的系统镜像列表 /var/www/cobbler/images ##导入的系统镜像启动文件 /var/www/cobbler/repo_mirror ##yum源存储目录
④日志目录:/var/log/cobbler /var/log/cobbler/install.log ##客户端系统安装日志 /var/log/cobbler/cobbler.log ##cobbler日志
附2:http://cobbler.github.io/manuals/quickstart/#